businessua.com Open in urlscan Pro
91.210.190.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://businessua.com/
Submission: On August 21 via manual (August 21st 2023, 6:35:31 am UTC) from CH — Scanned from DE

Summary HTTP 702 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 129 IPs in 23 countries across 131 domains to perform 702 HTTP transactions. The main IP is 91.210.190.92, located in Bulgaria and belongs to AS-EKVIA, BG. The main domain is businessua.com.

This is the only time businessua.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	91.210.190.92 91.210.190.92	48440 (AS-EKVIA) (AS-EKVIA)
23	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
14	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	65.21.224.187 65.21.224.187	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1 10	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
2	188.166.21.205 188.166.21.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.18.2.81 104.18.2.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	88.218.242.3 88.218.242.3	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1	104.18.3.81 104.18.3.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	143.244.196.143 143.244.196.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	146.0.227.107 146.0.227.107	20773 (GODADDY) (GODADDY)
6 28	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
7 12	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 12	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	37.230.131.16 37.230.131.16	200197 (HYBRID-PO...) (HYBRID-POLAND)
2	34.95.81.88 34.95.81.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13 15	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
24 40	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 16	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 4	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
3	146.0.227.98 146.0.227.98	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
15 18	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2 6	18.200.152.171 18.200.152.171	16509 (AMAZON-02) (AMAZON-02)
12	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 33	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
4	2a0c:5c87:516... 2a0c:5c87:5160::2	55081 (24SHELLS) (24SHELLS)
4	8.2.108.175 8.2.108.175	46636 (NATCOWEB) (NATCOWEB)
12 19	3.127.96.33 3.127.96.33	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.240.143 141.94.240.143	16276 (OVH) (OVH)
6 6	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
3 7	34.241.158.58 34.241.158.58	16509 (AMAZON-02) (AMAZON-02)
3 3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 4	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
5 11	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
4	185.83.69.18 185.83.69.18	55081 (24SHELLS) (24SHELLS)
2	54.77.204.84 54.77.204.84	16509 (AMAZON-02) (AMAZON-02)
1 3	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1 3	49.12.83.94 49.12.83.94	24940 (HETZNER-AS) (HETZNER-AS)
2	183.110.238.136 183.110.238.136	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
2 2	199.115.119.227 199.115.119.227	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	8.2.110.206 8.2.110.206	46636 (NATCOWEB) (NATCOWEB)
4	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
5	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
4	8.2.110.24 8.2.110.24	46636 (NATCOWEB) (NATCOWEB)
3 7	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4	193.3.178.1 193.3.178.1	399668 (E-PLANNING-) (E-PLANNING-)
4 4	52.70.223.235 52.70.223.235	14618 (AMAZON-AES) (AMAZON-AES)
4	69.166.1.34 69.166.1.34	27630 (AS-XFERNET) (AS-XFERNET)
4 4	44.205.87.2 44.205.87.2	14618 (AMAZON-AES) (AMAZON-AES)
8 8	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
16	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
13	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1 9	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 27	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
4 34	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
9 9	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3 3	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2	188.166.37.243 188.166.37.243	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	64.58.116.142 64.58.116.142	7979 (SERVERS-COM) (SERVERS-COM)
2	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.157.245.159 35.157.245.159	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.62.226.6 178.62.226.6	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	109.206.162.121 109.206.162.121	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 7	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
4 15	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.183.112.148 185.183.112.148	60350 (VP) (VP)
10 12	52.212.242.190 52.212.242.190	16509 (AMAZON-02) (AMAZON-02)
2 2	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f608:78e4:ddc4:e083:81a6	14618 (AMAZON-AES) (AMAZON-AES)
3 8	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d018:24:... 2a05:d018:24:b002:30d4:cd9b:2350:dbd6	16509 (AMAZON-02) (AMAZON-02)
5 6	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
4 4	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.15.245.83 185.15.245.83	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	54.155.55.68 54.155.55.68	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2	34.252.154.12 34.252.154.12	16509 (AMAZON-02) (AMAZON-02)
1	168.119.72.236 168.119.72.236	24940 (HETZNER-AS) (HETZNER-AS)
10 14	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	3.213.117.201 3.213.117.201	14618 (AMAZON-AES) (AMAZON-AES)
2 5	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
3	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	52.48.19.12 52.48.19.12	16509 (AMAZON-02) (AMAZON-02)
1 7	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
7	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
2 2	34.160.19.107 34.160.19.107	15169 (GOOGLE) (GOOGLE)
5	81.17.55.109 81.17.55.109	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	34.242.87.156 34.242.87.156	16509 (AMAZON-02) (AMAZON-02)
4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4 5	3.122.33.96 3.122.33.96	16509 (AMAZON-02) (AMAZON-02)
7	2a05:d018:d29... 2a05:d018:d29:3601:3875:a2f1:5d10:86ec	16509 (AMAZON-02) (AMAZON-02)
4 44	34.247.205.196 34.247.205.196	16509 (AMAZON-02) (AMAZON-02)
1 1	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
8 12	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	54.165.154.245 54.165.154.245	14618 (AMAZON-AES) (AMAZON-AES)
4 4	52.7.201.242 52.7.201.242	14618 (AMAZON-AES) (AMAZON-AES)
4	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
4 4	64.74.236.159 64.74.236.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	54.72.199.212 54.72.199.212	16509 (AMAZON-02) (AMAZON-02)
6 6	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
4 4	124.146.215.50 124.146.215.50	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
4	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
4 4	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
10	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.21.20.200 2.21.20.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 16	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.174.89.161 54.174.89.161	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
2	2600:9000:211... 2600:9000:2117:ee00:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.105.128 3.120.105.128	16509 (AMAZON-02) (AMAZON-02)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.214.159.30 35.214.159.30	15169 (GOOGLE) (GOOGLE)
2 2	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	72.251.245.181 72.251.245.181	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 2	35.186.154.107 35.186.154.107	15169 (GOOGLE) (GOOGLE)
2 2	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	141.94.242.206 141.94.242.206	16276 (OVH) (OVH)
2	23.88.86.2 23.88.86.2	24940 (HETZNER-AS) (HETZNER-AS)
2 4	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
5 5	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
702	129

38 91.210.190.92 (Bulgaria)

ASN48440 (AS-EKVIA, BG)
PTR: internetmedia.ua

businessua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

scripts.go2net.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.21.224.187 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.224.21.65.clients.your-server.de

servetraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 212.42.76.150 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.21.205 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)

i.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.218.242.3 (Moscow, Russian Federation)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

ua-content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.196.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)

ads.go2net.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 146.0.227.110 (Ascension Island) 6 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.184.8.90 (Amsterdam, Netherlands) 7 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com

s-cs.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 198.47.127.18 (United States) 13 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 142.250.185.162 (Grosse Pointe, United States) 24 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 198.47.127.205 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.81 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.109 (Germany) 3 redirects

ASN20773 (GODADDY, DE)

ks-match.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.98 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.89.211.84 (Frankfurt am Main, Germany) 15 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.200.152.171 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 193.3.178.4 (United States) 1 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u-ams03.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c87:5160::2 (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 3.127.96.33 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.240.143 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh

pixel-eu.onprospects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.94.171.215 (France) 6 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.241.158.58 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.145.213.8 (Norway) 2 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.83.220.94 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.83.69.18 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.204.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-204-84.eu-west-1.compute.amazonaws.com

cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.19 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 49.12.83.94 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.94.83.12.49.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

idsync.admixer.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.115.119.227 (Manassas, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.lemmatechnologies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)

cs.mobfox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.70.223.235 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-223-235.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.205.87.2 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-87-2.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.201.255.110 (Frankfurt am Main, Germany) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 23.227.139.243 (Piscataway, United States) 4 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.228.174.117 (United Kingdom) 9 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.37.243 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

stats.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.142 (United States)

ASN7979 (SERVERS-COM, US)

notify.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.245.159 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-245-159.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.226.6 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

img.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.121 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 121.162.serverel.net

icdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

reimgs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.46.155.104 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.64.148.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.183.112.148 (Meaux, France) 2 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.212.242.190 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-242-190.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.81.168 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f608:78e4:ddc4:e083:81a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:24:b002:30d4:cd9b:2350:dbd6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.198.126.47 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.114.159.118 (Bad Durrheim, Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.131.239 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.55.68 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-55-68.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.154.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.130.49 (United States) 10 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.117.201 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-117-201.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.122.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.19.12 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-19-12.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.19.107 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 81.17.55.109 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.242.87.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-87-156.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.122.33.96 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:d29:3601:3875:a2f1:5d10:86ec (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 34.247.205.196 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Brussels, Belgium) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 70.42.32.31 (United States) 8 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.165.154.245 (United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-154-245.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.7.201.242 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-201-242.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.74.236.159 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.199.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 208.93.169.131 (United States) 6 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 124.146.215.50 (Japan) 4 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-200.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.64.191.210 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.174.89.161 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-89-161.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2117:ee00:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.105.128 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-105-128.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

rbp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.182 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.159.30 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 30.159.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.152 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.154.107 (Singapore) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.163.6 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.242.206 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.122 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.94.170.77 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	pubmatic.com 27 redirects image8.pubmatic.com — Cisco Umbrella Rank: 818 image2.pubmatic.com — Cisco Umbrella Rank: 1137 image4.pubmatic.com — Cisco Umbrella Rank: 1409 ads.pubmatic.com — Cisco Umbrella Rank: 651 image6.pubmatic.com — Cisco Umbrella Rank: 989 simage2.pubmatic.com — Cisco Umbrella Rank: 982 simage4.pubmatic.com — Cisco Umbrella Rank: 1434	109 KB
50	doubleclick.net 27 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261	144 KB
48	gumgum.com 4 redirects rtb.gumgum.com — Cisco Umbrella Rank: 1791 usersync.gumgum.com — Cisco Umbrella Rank: 2073	16 KB
46	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	981 KB
41	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248 eus.rubiconproject.com — Cisco Umbrella Rank: 737 pixel.rubiconproject.com — Cisco Umbrella Rank: 388 token.rubiconproject.com — Cisco Umbrella Rank: 748 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2567	94 KB
41	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 2684 s.e-planning.net — Cisco Umbrella Rank: 6738 u-ams03.e-planning.net — Cisco Umbrella Rank: 37506 i.e-planning.net — Cisco Umbrella Rank: 5827 sync.e-planning.net — Cisco Umbrella Rank: 5313	14 KB
38	businessua.com businessua.com	2 MB
34	adtelligent.com 2 redirects s.adtelligent.com — Cisco Umbrella Rank: 6408 sync.adtelligent.com — Cisco Umbrella Rank: 3639	18 KB
33	admixer.net 9 redirects cdn.admixer.net — Cisco Umbrella Rank: 58740 inv-nets.admixer.net — Cisco Umbrella Rank: 3142 ks-match.admixer.net — Cisco Umbrella Rank: 108671	67 KB
27	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 3551 mwzeom.zeotap.com — Cisco Umbrella Rank: 3473	10 KB
27	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564 ssum.casalemedia.com — Cisco Umbrella Rank: 1560 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760 dsum.casalemedia.com — Cisco Umbrella Rank: 1784	26 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 710 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104 csm.eu.criteo.net — Cisco Umbrella Rank: 8684	245 KB
19	bidswitch.net 12 redirects x.bidswitch.net — Cisco Umbrella Rank: 372	5 KB
18	adnxs.com 15 redirects ib.adnxs.com — Cisco Umbrella Rank: 275 secure.adnxs.com — Cisco Umbrella Rank: 542	12 KB
18	go2net.com.ua scripts.go2net.com.ua ads.go2net.com.ua — Cisco Umbrella Rank: 569568	269 KB
14	everesttech.net 10 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 964	3 KB
14	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 356 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1650 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545	4 KB
14	crwdcntrl.net 3 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1028 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036 tags.crwdcntrl.net — Cisco Umbrella Rank: 1073	77 KB
13	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 396	3 KB
12	outbrain.com 8 redirects sync.outbrain.com — Cisco Umbrella Rank: 928	4 KB
12	bidr.io 10 redirects match.prod.bidr.io — Cisco Umbrella Rank: 727	7 KB
12	amazon-adsystem.com 5 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 349 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142	9 KB
12	adform.net 3 redirects cm.adform.net — Cisco Umbrella Rank: 1329 dmp.adform.net — Cisco Umbrella Rank: 3746 c1.adform.net — Cisco Umbrella Rank: 720	4 KB
12	creativecdn.com 7 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7219 creativecdn.com — Cisco Umbrella Rank: 674	3 KB
11	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 990 us-u.openx.net — Cisco Umbrella Rank: 605	1 KB
11	adpartner.pro 5 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 12611	11 KB
11	onaudience.com 11 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 18442 pixel.onaudience.com — Cisco Umbrella Rank: 3601	5 KB
9	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 984	338 B
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	762 B
8	gstatic.com www.gstatic.com fonts.gstatic.com	140 KB
8	admanmedia.com sync.admanmedia.com — Cisco Umbrella Rank: 3539 cs.admanmedia.com — Cisco Umbrella Rank: 1168	836 B
8	adtarget.com.tr 2 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 13070 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 13926	4 KB
8	fwdcdn.com sinst.fwdcdn.com — Cisco Umbrella Rank: 309436	40 KB
7	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1136 cti.w55c.net — Cisco Umbrella Rank: 4276 tags.w55c.net — Cisco Umbrella Rank: 5151	20 KB
7	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817	2 KB
7	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 885 dis.criteo.com — Cisco Umbrella Rank: 745 ads.eu.criteo.com — Cisco Umbrella Rank: 8578 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15501 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10057	53 KB
7	1rx.io 7 redirects sync.1rx.io — Cisco Umbrella Rank: 702	4 KB
7	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 87189	2 KB
7	phoenix-widget.com phoenix-widget.com — Cisco Umbrella Rank: 251514 api.phoenix-widget.com — Cisco Umbrella Rank: 375066 stats.phoenix-widget.com — Cisco Umbrella Rank: 402379 img.phoenix-widget.com — Cisco Umbrella Rank: 452668	89 KB
6	contextweb.com 6 redirects bh.contextweb.com — Cisco Umbrella Rank: 678	3 KB
6	stackadapt.com 6 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 976	4 KB
6	exelator.com 5 redirects loadeu.exelator.com — Cisco Umbrella Rank: 9513 loada.exelator.com — Cisco Umbrella Rank: 29169	5 KB
6	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 240	5 KB
5	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 4020 pixel-sync.sitescout.com — Cisco Umbrella Rank: 948	935 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	42 KB
4	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1400	2 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1025 s.tribalfusion.com — Cisco Umbrella Rank: 2306	2 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 5227	1 KB
4	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 48308 ipac.ctnsnet.com — Cisco Umbrella Rank: 6848	1 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 3076	3 KB
4	quantserve.com 4 redirects cms.quantserve.com — Cisco Umbrella Rank: 1015	2 KB
4	socdm.com 4 redirects tg.socdm.com — Cisco Umbrella Rank: 1218	3 KB
4	360yield.com ad.360yield.com — Cisco Umbrella Rank: 802	793 B
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 667	1 KB
4	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1219	115 B
4	ipredictive.com 4 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1183	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	226 KB
4	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 437	557 B
4	imrworldwide.com 4 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 26293	855 B
4	weborama.fr 3 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26823 cr.frontend.weborama.fr — Cisco Umbrella Rank: 24211	1 KB
4	adition.com 4 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856	2 KB
4	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 615	2 KB
4	nextmillmedia.com 4 redirects cookies.nextmillmedia.com — Cisco Umbrella Rank: 4053	779 B
4	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1195	1 KB
4	disqus.com 4 redirects ssp.disqus.com — Cisco Umbrella Rank: 1602	1 KB
4	lijit.com ap.lijit.com — Cisco Umbrella Rank: 864	1 KB
4	opera.com 2 redirects t.adx.opera.com — Cisco Umbrella Rank: 1719	2 KB
4	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3399	516 B
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1009	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
3	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 776 stags.bluekai.com — Cisco Umbrella Rank: 716	788 B
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 757 usermatch.krxd.net — Cisco Umbrella Rank: 1796	935 B
3	mgid.com notify.mgid.com — Cisco Umbrella Rank: 12818 cm.mgid.com — Cisco Umbrella Rank: 1491 s-img.mgid.com — Cisco Umbrella Rank: 7993	31 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 1080	1 KB
3	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20300	603 B
3	tns-ua.com 1 redirects pa.tns-ua.com — Cisco Umbrella Rank: 140314	641 B
3	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1858	2 KB
3	ad-blender.com ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com	184 B
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 10788	2 KB
3	servetraff.com servetraff.com — Cisco Umbrella Rank: 173106	38 KB
2	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 8584
2	erne.co 2 redirects green.erne.co — Cisco Umbrella Rank: 29168	824 B
2	mrtnsvr.com 2 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3654	352 B
2	gammaplatform.com 2 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3672	1 KB
2	iprom.net core.iprom.net — Cisco Umbrella Rank: 7279	556 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1649	565 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 1051	2 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 1140	419 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 5515	1 KB
2	brand-display.com 2 redirects dmp.brand-display.com — Cisco Umbrella Rank: 2017	506 B
2	digitaleast.mobi 2 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 27883	361 B
2	adotmob.com 2 redirects sync.adotmob.com — Cisco Umbrella Rank: 2129	562 B
2	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377	207 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497	953 B
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2427
2	tynt.com ic.tynt.com — Cisco Umbrella Rank: 6713
2	mobfox.com cs.mobfox.com — Cisco Umbrella Rank: 3556	1020 B
2	lemmatechnologies.com 2 redirects sync.lemmatechnologies.com — Cisco Umbrella Rank: 6744	839 B
2	admixer.co.kr idsync.admixer.co.kr — Cisco Umbrella Rank: 85953	2 KB
2	yellowblue.io cs.yellowblue.io — Cisco Umbrella Rank: 2909	641 B
2	rakuten.com s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 19708	523 B
2	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 9589	561 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	67 KB
2	i.ua i.i.ua — Cisco Umbrella Rank: 890858 r.i.ua — Cisco Umbrella Rank: 209589	4 KB
2	sinoptik.ua 1 redirects sinoptik.ua — Cisco Umbrella Rank: 133664	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	141 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	90 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	5 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2445	173 B
1	mxptint.net 1 redirects rbp.mxptint.net — Cisco Umbrella Rank: 5082	696 B
1	nrich.ai 1 redirects dsp.nrich.ai — Cisco Umbrella Rank: 3942	566 B
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 4957	467 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020	555 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 677	649 B
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5572	237 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2142	375 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1496	213 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 649	529 B
1	theadex.com dmp.theadex.com — Cisco Umbrella Rank: 20121	84 B
1	bemail.it 1 redirects bn01.er.bemail.it — Cisco Umbrella Rank: 141087	659 B
1	tidaltv.com sync.tidaltv.com — Cisco Umbrella Rank: 2165	67 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 12212	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 722	203 B
1	reimgs.net reimgs.net	165 KB
1	icdns.net 1 redirects icdns.net — Cisco Umbrella Rank: 18394	168 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 8029	345 B
1	onprospects.com 1 redirects pixel-eu.onprospects.com — Cisco Umbrella Rank: 80155	345 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	adriver.ru ua-content.adriver.ru	5 KB
0	banner.kiev.ua Failed banner.kiev.ua Failed
702	131

	Domain	Requested by
44	usersync.gumgum.com	4 redirects rtb.gumgum.com ads.pubmatic.com
40	cm.g.doubleclick.net	24 redirects spl.zeotap.com rtb.gumgum.com googleads.g.doubleclick.net businessua.com
38	businessua.com	businessua.com
30	sync.adtelligent.com	2 redirects s.adtelligent.com ads.us.e-planning.net s.console.adtarget.com.tr ads.pubmatic.com
28	inv-nets.admixer.net	6 redirects scripts.go2net.com.ua businessua.com ads.us.e-planning.net
24	u-ams03.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com ads.pubmatic.com
23	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com businessua.com
23	pagead2.googlesyndication.com	businessua.com pagead2.googlesyndication.com scripts.go2net.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	x.bidswitch.net	12 redirects businessua.com ssum.casalemedia.com spl.zeotap.com rtb.gumgum.com
18	mwzeom.zeotap.com	1 redirects spl.zeotap.com ads.us.e-planning.net ads.pubmatic.com
16	simage2.pubmatic.com	6 redirects ads.pubmatic.com
16	eus.rubiconproject.com	ads.us.e-planning.net eus.rubiconproject.com rtb.gumgum.com
16	image2.pubmatic.com	4 redirects ads.pubmatic.com
15	image8.pubmatic.com	13 redirects ads.pubmatic.com
14	sync-tm.everesttech.net	10 redirects spl.zeotap.com ssum.casalemedia.com ads.pubmatic.com
13	dsum-sec.casalemedia.com	4 redirects ssum.casalemedia.com
13	match.adsrvr.org	ssum.casalemedia.com spl.zeotap.com rtb.gumgum.com ads.pubmatic.com googleads.g.doubleclick.net
13	ads.pubmatic.com	ads.us.e-planning.net s.adtelligent.com rtb.gumgum.com ads.pubmatic.com
13	ib.adnxs.com	10 redirects businessua.com spl.zeotap.com
12	sync.outbrain.com	8 redirects rtb.gumgum.com
12	match.prod.bidr.io	10 redirects ssum.casalemedia.com eus.rubiconproject.com
12	static.criteo.net	scripts.go2net.com.ua businessua.com ads.eu.criteo.com
12	scripts.go2net.com.ua	businessua.com scripts.go2net.com.ua
11	a4p.adpartner.pro	5 redirects businessua.com a4p.adpartner.pro
10	token.rubiconproject.com	eus.rubiconproject.com
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	spl.zeotap.com	ads.us.e-planning.net spl.zeotap.com businessua.com
9	onetag-sys.com	1 redirects ads.us.e-planning.net s.adtelligent.com
9	creativecdn.com	7 redirects businessua.com
8	image6.pubmatic.com	3 redirects spl.zeotap.com ads.pubmatic.com
8	secure-assets.rubiconproject.com	8 redirects
8	sinst.fwdcdn.com	sinoptik.ua sinst.fwdcdn.com
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	pr-bh.ybp.yahoo.com	ssum.casalemedia.com rtb.gumgum.com ads.pubmatic.com googleads.g.doubleclick.net
7	tags.crwdcntrl.net	s.e-planning.net tags.crwdcntrl.net
7	s.amazon-adsystem.com	3 redirects ssum.casalemedia.com
7	sync.1rx.io	7 redirects
7	rtb.openx.net	3 redirects ads.us.e-planning.net
7	ssum-sec.casalemedia.com	1 redirects businessua.com ssum.casalemedia.com
7	m.trafmag.com	businessua.com
6	www.googleadservices.com	businessua.com
6	bh.contextweb.com	6 redirects
6	sync.srv.stackadapt.com	6 redirects
6	pixel.rubiconproject.com	1 redirects spl.zeotap.com eus.rubiconproject.com
6	ups.analytics.yahoo.com	businessua.com spl.zeotap.com ssum.casalemedia.com ads.pubmatic.com
6	pixel-eu.onaudience.com	6 redirects
6	dpm.demdex.net	2 redirects businessua.com ssum.casalemedia.com
6	cm.adform.net	businessua.com s.console.adtarget.com.tr
6	ads.go2net.com.ua	scripts.go2net.com.ua businessua.com
5	pixel.onaudience.com	5 redirects
5	loada.exelator.com	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
5	secure.adnxs.com	5 redirects
5	ssbsync.smartadserver.com	ssum.casalemedia.com rtb.gumgum.com
5	aax-eu.amazon-adsystem.com	2 redirects spl.zeotap.com ads.pubmatic.com eus.rubiconproject.com
5	ssum.casalemedia.com	1 redirects ads.us.e-planning.net
5	ads.us.e-planning.net	1 redirects ads.go2net.com.ua s.adtelligent.com
4	uipglob.semasio.net	2 redirects ads.us.e-planning.net businessua.com
4	d5p.de17a.com	4 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	c1.adform.net	2 redirects ads.pubmatic.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	sync.console.adtarget.com.tr	2 redirects s.console.adtarget.com.tr
4	cms.quantserve.com	4 redirects
4	cs.admanmedia.com	rtb.gumgum.com
4	tg.socdm.com	4 redirects
4	sync.e-planning.net	rtb.gumgum.com
4	ad.360yield.com	rtb.gumgum.com
4	b1sync.zemanta.com	4 redirects
4	match.deepintent.com	rtb.gumgum.com
4	sync.ipredictive.com	4 redirects
4	us-u.openx.net	rtb.gumgum.com
4	pm.w55c.net	4 redirects
4	www.googletagservices.com	googleads.g.doubleclick.net
4	eb2.3lift.com	ads.us.e-planning.net
4	rtb.gumgum.com	ads.us.e-planning.net
4	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	4 redirects
4	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
4	dsp.adfarm1.adition.com	4 redirects
4	pixel.tapad.com	3 redirects spl.zeotap.com
4	i.e-planning.net	ads.us.e-planning.net
4	cookies.nextmillmedia.com	4 redirects
4	sync.go.sonobi.com	ads.us.e-planning.net
4	ssp.disqus.com	4 redirects
4	s.e-planning.net	ads.us.e-planning.net
4	sync.admanmedia.com	ads.us.e-planning.net
4	pixel.sitescout.com	ads.us.e-planning.net
4	ap.lijit.com	businessua.com s.adtelligent.com
4	s.console.adtarget.com.tr	businessua.com s.adtelligent.com
4	t.adx.opera.com	2 redirects businessua.com
4	us.ck-ie.com	businessua.com
4	s.adtelligent.com	ads.go2net.com.ua s.adtelligent.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com phoenix-widget.com a4p.adpartner.pro
3	simage4.pubmatic.com	ads.pubmatic.com
3	a.tribalfusion.com	1 redirects ads.pubmatic.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	idsync.frontend.weborama.fr	2 redirects ads.pubmatic.com
3	ad.turn.com	3 redirects
3	exchange.buzzoola.com	1 redirects businessua.com
3	pa.tns-ua.com	1 redirects businessua.com
3	ads.betweendigital.com	3 redirects
3	sync.crwdcntrl.net	2 redirects ads.pubmatic.com
3	ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com	businessua.com
3	ks-match.admixer.net	3 redirects
3	prebid-eu.creativecdn.com	scripts.go2net.com.ua
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	counter.yadro.ru	2 redirects businessua.com
3	servetraff.com	businessua.com servetraff.com
2	matching.truffle.bid	ads.pubmatic.com
2	green.erne.co	2 redirects
2	ad.mrtnsvr.com	2 redirects
2	cm-supply-web.gammaplatform.com	2 redirects
2	ipac.ctnsnet.com	ads.pubmatic.com
2	core.iprom.net	ads.pubmatic.com
2	cm.adgrx.com	ads.pubmatic.com
2	p.rfihub.com	2 redirects
2	rtb-csync.smartadserver.com	2 redirects
2	csync.loopme.me	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	cti.w55c.net	eus.rubiconproject.com cti.w55c.net
2	dis.criteo.com	ads.pubmatic.com googleads.g.doubleclick.net
2	dsum.casalemedia.com	ssum.casalemedia.com
2	dmp.brand-display.com	2 redirects
2	tags.bluekai.com	spl.zeotap.com cti.w55c.net
2	beacon.krxd.net	spl.zeotap.com
2	dmp.adform.net	1 redirects spl.zeotap.com
2	euexchangesync.digitaleast.mobi	2 redirects
2	sync.adotmob.com	2 redirects
2	img.phoenix-widget.com	businessua.com
2	bidder.criteo.com	static.criteo.net
2	pubmatic-match.dotomi.com	businessua.com
2	stats.phoenix-widget.com	phoenix-widget.com
2	sync.targeting.unrulymedia.com	2 redirects
2	vid.vidoomy.com	s.adtelligent.com
2	ic.tynt.com	s.adtelligent.com
2	cs.mobfox.com	businessua.com
2	sync.lemmatechnologies.com	2 redirects
2	idsync.admixer.co.kr	businessua.com
2	cs.yellowblue.io	businessua.com ads.pubmatic.com
2	s-cs.rmp.rakuten.com	businessua.com
2	dm-eu.hybrid.ai	businessua.com
2	www.youtube.com	businessua.com www.youtube.com
2	phoenix-widget.com	businessua.com
2	sinoptik.ua	1 redirects businessua.com
2	www.googletagmanager.com	businessua.com www.googletagmanager.com
2	connect.facebook.net	businessua.com connect.facebook.net
2	cdn.admixer.net	businessua.com cdn.admixer.net
1	stags.bluekai.com	ads.us.e-planning.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	tags.w55c.net	cti.w55c.net
1	rbp.mxptint.net	1 redirects
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	dsp.nrich.ai	1 redirects
1	cr.frontend.weborama.fr	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ads.stickyadstv.com	ssum.casalemedia.com
1	u.ipw.metadsp.co.uk	1 redirects
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	sync.tidaltv.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	reimgs.net	businessua.com
1	icdns.net	1 redirects
1	s-img.mgid.com	businessua.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	cm.mgid.com	businessua.com
1	notify.mgid.com	businessua.com
1	pixel-eu.onprospects.com	1 redirects
1	image4.pubmatic.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com	businessua.com
1	api.phoenix-widget.com	phoenix-widget.com
1	r.i.ua	businessua.com
1	ua-content.adriver.ru	businessua.com
1	i.i.ua	businessua.com
0	banner.kiev.ua Failed	businessua.com
702	194

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vk.com
sinoptik.ua
click.phoenix-widget.com
clck.mgid.com
nhnnx.store
phoenix-widget.com
www.i.ua
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.go2net.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-23`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2023-06-06` - `2024-06-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-29` - `2023-08-27`	3 months	crt.sh
servetraff.com R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.rmp.rakuten.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-20` - `2024-01-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
ads.us.e-planning.net R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-26` - `2023-10-24`	3 months	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-13` - `2024-06-13`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-07-22` - `2023-10-20`	3 months	crt.sh
*.admixer.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.mobfox.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.e-planning.net R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-02-09`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
phoenix-widget.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-12` - `2024-03-12`	a year	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2022-09-13` - `2023-10-15`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-31` - `2023-10-01`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-08` - `2024-07-08`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
dmp.theadex.com R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
sync.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-07-21` - `2023-10-19`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
adpartner.pro R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.iprom.net R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
truffle.bid R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh

This page contains 189 frames:

Primary Page: http://businessua.com/
Frame ID: 183DD42659DDFC37B0A8FD08F79DA413
Requests: 184 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: F43E047FDC08D313C79F331ACEF5D277
Requests: 1 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/61391/c.html?b=61391
Frame ID: D4AE9DB65BAE2F0A67158B1EF10818E0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/61391/c.html?b=61391
Frame ID: D22FBCD2A76F100E767C3F5F235FC721
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&adk=4241144050&adf=1459063552&lmt=1692592522&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&pra=5&wgl=1&dt=1692599722338&bpp=9&bdt=398&idt=296&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7762022059180&frm=20&pv=2&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=329
Frame ID: 4F714533E35364799AF1FD0C28D23B52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=60&slotname=5382810768&adk=4068248796&adf=2830180937&pi=t.ma~as.5382810768&w=468&lmt=1692592522&url=http%3A%2F%2Fbusinessua.com%2F&wgl=1&dt=1692599722319&bpp=41&bdt=379&idt=394&shv=r20230816&mjsv=m202308150101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=7762022059180&frm=20&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=560&ady=832&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578%2C44800467&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=IOGzZdTret&p=http%3A//businessua.com&dtd=398
Frame ID: 45063964CEC6099C6D1EF92B91E019DE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=1085498814&adk=983172006&adf=20896475&pi=t.ma~as.1085498814&w=240&lmt=1692592522&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&wgl=1&dt=1692599722537&bpp=1&bdt=597&idt=201&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5382810768&nras=1&correlator=7762022059180&frm=20&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1R9PigiGmM&p=http%3A//businessua.com&dtd=203
Frame ID: 8A794D404F2C80E2DD4866021322B02D
Requests: 14 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: FAE17D6C850B0EC19672D0FC92C01BA8
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 01ECC0A7BEC8AB2DDFED79FD358B144C
Requests: 9 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 0B31DC6F3745FB94EFB42F6110B26543
Requests: 1 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/61391/c.html?b=61391
Frame ID: 699F28BD3B7C47DB11FC363042AA6286
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 98D0AD55CB6DDE01DD2ADAB19AE5A716
Requests: 7 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/61391/c.html?b=61391
Frame ID: 0C29008A802B1A5211700EC3E5A4DD0E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 5942A7E4124B3C9D18D778A66FBDD1E4
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Frame ID: 179897AEF7A12D8E7410C80B0D93B3D5
Requests: 6 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Frame ID: 5B8970B6AECC01AD3743230C02FAD5E0
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: C5BF0E3C50B01D7922866EA4B32B1CBC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 2AB43C8D4031A1D7B183C5A07F42DB2A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 3F22A72ABD671E5D22FCE18BD637BABD
Requests: 32 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 94B8493CDFA8656CB8208C2C26A997E2
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769
Frame ID: B81C5DE77E9CD46F07521DCA3172930B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: C086FF352C0E54808C4B4B5F9BB5F980
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 30D5CA0F5AAFD94CEF623D34AADA31E1
Requests: 12 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 18EAD5F9C6A42697FC285361B0329824
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 728D051D5BEAB9AF2C7CF4FEFDC6367E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 63E3BB8148F4749B1489867F0E6F5F29
Requests: 13 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=658&unit_id=7360
Frame ID: 05F6F81C78C7937FAB61B58E8DD4825A
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: F87532B139079B87DFE8D448001011A4
Requests: 12 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: B457683DD0FA8D7B92249412581D3E9F
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 3903BBC84CF0BE687D5AD23E1BE65059
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Frame ID: 394217F320EC47CE0F7F04DC661BAD4B
Requests: 6 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Frame ID: 4A2D9183913C36F68670813E4D7B2348
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 1477A54B61E912AC2E5D9C0EB35F80A3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 96B45B11DFD356732D529E04FB11C663
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 59346F89FBDCEDC828DFAC4DE486FC38
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 14C99E744DE935413754C55CDBAF6B82
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: A52DE0CF3C4F93F9DB73870D16CB1486
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Frame ID: 764638417543807BB824E73894A7D7FE
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 4C941D54B6751BEC9BE8889CF1CF20BB
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMm72uiC9zMlQYVr
Frame ID: AD306FF5C3D657801A2E24BA67E93C72
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: F070D095A5C917AA0FCB2D873405B556
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Frame ID: 43BC0CF657CEE57C86D8DE60DDE6DEAB
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Frame ID: 8E49F44AF13F73696BFF0EACDF3B8716
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 51BEC38C5473F796BB680DA1CA76E384
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0BBE58AE55113E31F68ACCAE47A150A6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 518030347B595AC9A98AEF5031014009
Requests: 4 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 4E3D81581A855788F02FFEF5ED892D11
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 3A42E5D569369C353FD0E8D798C47BC7
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: FDD1E39E3979C09BEF6398D81408A144
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 5230547013FB86D77AE48A6941737900
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 644F93B26236CF6D4C02DCD07AC25135
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769
Frame ID: 9BBBDC89FC9B7424F928A4976C240D95
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: D0F9156948CDCCFDA1A9B733D5D432B3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 0F794111B08B751410010794FDA90101
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Frame ID: C6B9D7C87B0A5F47D66E189E9D80BA4D
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 8D4BBA3E3B4AD4D19C2A24388C2F90A9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMm72uiC9zMlQYVr
Frame ID: CA8EF129CF071908CC53FB4308E79F4C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 50BFD3D5A2F46A1F959C03098590E741
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 2DEFEACBB3B6FF361D802497822BCC34
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 864C556055C7A08D1EC5F793DDC81504
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Frame ID: C4C015DCBECD7EB8B19445A2B56BC1F0
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Frame ID: E162BEEC5B42FF71F468D3CC4CDA091D
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 166D93C0EC53A97EBD8EB7CF68F4EAD4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 47B8AE14F8F3438486EF9669E15456F6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: BCA57A743EE22B95E00995FBDC6C12C6
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAAATNRVABV&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV
Frame ID: 03999A383B476C9BC7B7D52BAF2911BE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMzc5ZjA1Zi1kZTM3LTQxMGItOWZiNy1lNTE4OGYzMWYyNTk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 583F105DD072DE903611EF51D8EB3FE4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: C724A0F6CD602542F39BB265CF54AA15
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 231BB469FB00D513E843AD3A486363C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjXQAAAAA
Frame ID: 2CADE340DC3410D32467D9823024F46E
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 2B56B39BA56F0E877BDCD387CE2DB2AD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Frame ID: D83329836D9F7EE5C6079D848ADD4318
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: FE40C9AEBF074DABEF5BCF5225F013FC
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Frame ID: 7FDACC2460256D52BFF5E760129578E9
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: CE42CE9FBDEB6407EE5DFD629597F8C3
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMm72uiC9zMlQYVr
Frame ID: B2CE4D884ECC410BB4BAF0BCA44DD3A0
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic
Frame ID: 4DA1807E2475D3D6B9F5CFF2D0CE466D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 5E451829B2EE9525A08762B74464EAF9
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic
Frame ID: A48115435FD0851B77F936BEE5BF7D70
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 313B60A43B28F04962B8FC494408CB16
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV
Frame ID: E156F46F0DBC67B8CADD7A0735ECFE6C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMzc5ZjA1Zi1kZTM3LTQxMGItOWZiNy1lNTE4OGYzMWYyNTk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 9694386299ADA03110DF335709529E9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 807BAAD8BA2A45185AB5CCA9A58D1C60
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 5E33A0229640C5AF32B4AC5B01F467D9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8XoAAC315PMAAAAA
Frame ID: 0781F9EFF02141C72CEDE21E48342361
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: E17BF54D2F65BD4604834D92799F5ACB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Frame ID: 9C7E5DA2CFA849D1783EF70E367B220D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1B4DAF20C8FB666BFF8243D6D4C35D73
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4D341E040846CDCD89A3B2F95AD47180
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=51028780-68B3-433A-8622-5829C1EB2D3F&redir=true&gdpr=0&gdpr_consent=
Frame ID: A9F146516332B80CE6C681F8554D9DA8
Requests: 1 HTTP requests in this frame

Frame: https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9
Frame ID: E259CE033F8E6FEA38BE0DBAF7FA5C4F
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E1C3E4F6178DC9E3E2BDCD3DFEFB7DF9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 2C6A1B8B4809A3FB44A2CA0AE9DF8862
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=8309780813&adk=1515617927&adf=2751417942&pi=t.ma~as.8309780813&w=240&lmt=1692592523&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&wgl=1&dt=1692599723189&bpp=14&bdt=266&idt=416&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2120825259&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=194&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44798934&oid=2&pvsid=3224536047048465&tmod=402180048&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.m35ab6d21u3&fsb=1&dtd=438
Frame ID: 80DFAB4407F066575A0870A911161CB2
Requests: 14 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Frame ID: 4B3C47EA8EC3C7BCC943C23833D239FF
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: B0BC583E0DC9D9984CB53FC6ECBD6D9B
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMm72uiC9zMlQYVr
Frame ID: E40725935725AC2121089675C39802E7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=
Frame ID: FB2E2209943F02C7379C76ABD6176648
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMzc5ZjA1Zi1kZTM3LTQxMGItOWZiNy1lNTE4OGYzMWYyNTk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 1782188EF51DCA3E1C5420B8F445A171
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 4FF775ED57884282EB46A0C8E0316517
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 5FF2EBA9478FD057D3D816A7E9F516EE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YwAAA481vkAAAAA
Frame ID: EFEAA3DFF6E438C92D279E8E4273DB95
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 3679F0B5210D56BBE46ABF282F22B538
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Frame ID: 0179F764C131B56DACABE0D77590E847
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6F554B7B16CF1F15817F20333C8A5690
Requests: 3 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c-rubicon.html
Frame ID: AC3C8EB7F9FE5111D0178E7295D3E58C
Requests: 4 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F&referer=http%3A%2F%2Fbusinessua.com%2F
Frame ID: 9E56E34831B793D01BD269F7CBDF79B5
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7360&apuid=9a0d2de9-d435-4a58-95ad-8a3ba8650093&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F
Frame ID: D7F86345AD0C68157B7276B0D8FF9AD1
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=
Frame ID: 32D17ACFDFAD47901D42DA49100D373C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMzc5ZjA1Zi1kZTM3LTQxMGItOWZiNy1lNTE4OGYzMWYyNTk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0883E0754EFDCCF88F3DA93B874C2D8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 064D4D10FB3EC679937EDC4CE9A48256
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 82CED817C269A6490F09BAFDDB6685CD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjYcAAAAA
Frame ID: 1E0C060E20B95B8BF783AB9F7EDE2D3C
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: C2D2B60F6F65BAD1099FEC693E3F7521
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Frame ID: D785E1621917AE86C7E22A30DB7EC2D7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E9909B44B6F7954D2AA4BDD6D3F3FABB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415
Frame ID: 457BBD433DDDD318C618E5D7BBEC92D6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3240B89FA48E4BCDEC4D2A302FACB217
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B94AFE40F32D126C3B6802E29FFE0F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 7AF0071F0826B59F87281A49889D3462
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 9BBA3E90C2BE70393B26A1D33903A9A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7359BBC7BBE3557857B7575D92E3DFF0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D6EE0346E723BA15508B3BF100FC707
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BF6DEC22C38449326903EC9A07A0ADA
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOMFrAACxFoKwlYEAAE_P1LbKKAuadOGTshKnA&u=%7C7P2VmhRcD7u%2BXII0ZeqGOUMq9MiZ0Oo5Syo9fC2tgzc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoBmqa3RQ6gpd9v31IWGemPmd6pE6xwN6eeTDV3lrOjVmZCqAcnW6my4p1HNJJAvEjubLhGdW5mCmpk6pTLuhPZOoeZ144E0Ud4RC1Mbhiqb-E4zRqew3SQFSA8O9_iDD_w6OGx_9j5lg2daaKuLFyndJ35djN9uVdy9Xr9vS3XKBkkhYs7KY3F_drGF85XJpKVGvtK7M-YRMCzSYeZ07OdJlrYtkvmcQ-mkWW5ooqBeyNz3jBQP0jRlEfHch-JKhJzJrLgv0IisZJq05JtSK2gAk9PVJXnZGYUU3TIfRYoEjt2DcxVOTnngQbYBSRA_BGEcPpkWU7mQ9455Rla_XrybNGCL-LASDt0p-McOPcRJCy2FR1SNmLfa-tLiwqHDgyGkW58wtDH6NYjXiwbHVenerF2WL-QnJ9pyBTCHl7ulXoOb-eLZr0JmlgdBrQOO1-pOZXkFhmtcksXRqvAsNuA0UZ271bIGk_1EfcVsSjOnqw-xx6MoRcOeQiUyhBvascT-tCsvdw7V7nip50fPYnJdRLytoUiFSy_JnsvmZ3L_p-eowZRj-TN9w4qZFobgKdqkv82C3YD6l&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmVRmrAXjZNqIC4SsiQa__oR4yZ7SsVy96ZX3cMCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi00NTc3MjU0NDM1NTk3MTA0yAEJqQI9mh0vtj2yPqgDAcgDAqoEwQFP0HOlADdtIENXK6VV-_LlRCCT82g85R_aFdDg4doorabx04pDw7_aijfBd-C2T35duSrJLa6V5WZBM1HZgsVG4BBUUo_XZS2sPQ4rVr0OjSl6gGqDvsPYoVFE2F6f9-hI5fA9u9rujLKEdMtpwIDYUEZVumxswE8hs1OrcD5ct1GsO6GceidqFTbJxObEGymwTIWXO2-aRIc_rCmYfBUAjrOAWFW8yjZ1VSJiCXLAtZp4tIUdo9hfkB3VdKrZ5fRVgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2klr2meR8nrNCyF-N5FK-F8UrdXw%26client%3Dca-pub-4577254435597104%26adurl%3D
Frame ID: 1A88F2D244429D305DF79D0B78FAB642
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3DC33FBE5971C729B54D471F014ECFC
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225335b35b-1535-4787-b3f0-653a5ba28066%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A7360%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fbusinessua.com%252F%2522%257D
Frame ID: F96139DB8AC33ECB2E5DFFC9C3360948
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 14C74A2ECB6C7651E7D361A7231ABE28
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Frame ID: 43F6B2FA8738C58A3CD0B55ADF1232E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=
Frame ID: F5DFC85FF6963C194B83573B5B2CE45F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=
Frame ID: 4A22EB089BE0B170C9C061E1D9CC3CE8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 6828E52569E10508FA4C1790ABAE8A3A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B704E7789549D10ED45B6550B29D5F15
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=
Frame ID: C85A76C690A130A954D33FC6B957D39F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: C8BA17C0AAC1F0CB2E28E065F4F5EAD0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420682872783
Frame ID: C8207F6467307BBCD5BC1A0350ED6790
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 71FB26B5ED738C8465FA13C5EC879C82
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529
Frame ID: 807353FF39E217A974C4032B625E1CAA
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1754A4C1AFA0B8DAE95A2FD02B49AE65
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B831BC09D603DFDE9261ED4B6E060433
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1kk9l9iui7ho
Frame ID: 67EEBA4CE7B7A72D148B933CAF314F3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Frame ID: EB63252A46FDC5E4849104C835175905
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=
Frame ID: ACEE7F27F0968C6854AC547F53EFCED0
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DF5F94B25DDF8F20FEF57C2DAE347483
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 8F53549821C2B23BB1F55E8CB2F6A764
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=
Frame ID: FC2D320BB21205860FAB4105ACD09694
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2569610039
Frame ID: CED85DD8A66A45B036275EE9B8F846D0
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: F2C65B493E53BE0CAF32C97061D13EAD
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Frame ID: 5E04AF0F4E3D7425A33F2A317089C7DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=
Frame ID: 328CEF5B7E91E1714362D75F11F7243A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=
Frame ID: AAC5A55D293B936355971FF45206B276
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: FD86AEB221807ECA1BA99B2DB97C51E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 57864CAE6DC7976B4A90819908BB8E54
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=
Frame ID: 9DDCAE398F1AF4E7761256AA58842953
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: 865418B21E65072F9D5DAFC2AA995F4D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926780026029
Frame ID: 86655737E86E889641807A670EF78615
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 53260352E88ADDEC4EABCC6E3B74B0AE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529
Frame ID: FD81107D8F71A790BE7351B2777F003D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 88053BCB2DFB267E54C2559E8CB2D718
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F1AFDD8538D51688CEC88FD85CC305FB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=18ernjholz5n
Frame ID: EDED4F60AEDCA1ABEF0F6B2C0BBA0531
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Frame ID: 7125136D1DB733E1C0930809D2A761A2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=
Frame ID: 39D0D31AA56EC8EB00FD0737F0ABFB23
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A9EB4042F567F7C0C2323B4B1083BED0
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 2B8C09F151ED4C856106C8940D1B82EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=
Frame ID: C970BE337B033C96EAA70AD3385A4D10
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8588169826
Frame ID: D79D54A827D1F13F4578162FFD16F344
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 0F994928776EADC8D0FB0D74FA24911D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 828A8A77014724C44337E9E9AFB47C3C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 902F25EDCC9733037F618FB896D61A79
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: EFA35DBCB28A432C21FD3EFA9EC88D32
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 5BEE5033F8683746799CB98211E8BDB7
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 59A386EC5DB3D5E205312E206F90E39F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: E9FC5FD9B643F21A90779BC5E68DD9FD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 6B35A9053E23D64BC673E9304DF739D8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: DC68ADEF13924D596AAD2297D3204856
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 47AAFEE7FF13BAD5882C70ED1F9574C1
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: FB2CEB36296C25E378CC4AAC347111CD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 9770309699064A22FCDF76386CEC7BC6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 7FB98461E67983C12F92A9D21FDD4007
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: F1D43F1297C9296F5A5595E377DF382C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 83C8E13DA868540A0DEE641E704E72F2
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 4A673B8540E6A29E1AAF03291B736966
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: BE40A13789FA7109CD139410B0A09A55
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: B71E023C48837E7F252B644BC4BEF0FA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: C9183D6A98BD841888C5778C66FEFC69
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 2D6D660DA8D5B985B7F6B9DFBEB0AD1C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 3630B6DE3D01584D23938D59CFFC9AAB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Frame ID: 19A235F1DE6FA163152A216DAA03C62C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бізнес новини України | Бізнес UA

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

702
Requests

71 %
HTTPS

21 %
IPv6

131
Domains

194
Subdomains

129
IPs

23
Countries

5057 kB
Transfer

9315 kB
Size

170
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/businesua

Search URL Search Domain Scan URL

URL: http://twitter.com/businessua

Search URL Search Domain Scan URL

URL: http://vk.com/club2104060

Search URL Search Domain Scan URL

URL: https://sinoptik.ua/

Search URL Search Domain Scan URL

URL: https://sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D0%B8%D0%B5%D0%B2
Title: Киев+25°влажность: 67%давление: 749 ммветер: 2.0 м/с,

Search URL Search Domain Scan URL

URL: https://sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D0%B8%D0%B5%D0%B2/10-%D0%B4%D0%BD%D0%B5%D0%B9
Title: sinoptik.ua

Search URL Search Domain Scan URL

URL: http://click.phoenix-widget.com/go/60c30833cfbe90fe5ed278a0/.eJx1kNtu4yAQhl9l5Yu9qh0y2AZHsir1EfYFogGGGDUGi0Oa7WrffWm87V3v4Oebw8efpsRrc2qWnLd0OhySdxvFFX0Xy-HWXq5FOY_3Nrt7uIQ2vBJ6bIPyGMv74q6u9eTeb5SyD9Smkpalnm_h8Fzyek6hRE3ztgTy7v7zI1rJuLLOetOPq8Z1Q3fx82CIRjZBbzlYGgSABrTUP6hcV5pHpjmTnGuraGKVIQNCItv7BJ_J53kEqqGwFVWqJwShBuRqap6aLQZNKYVYdXWI1H0FqYvoTVg7hYm6F_Se4q9HUsvenLlQPjtTy_YVSB8l2klPQhEKwQWr2P7-_fRP0b3Rd7YVXDAtO8QHK5iQSuKgGVgDH9YTMd0Lro4KKpzdWr-7tq44MOAtky0cf7DxxIcT8I4xOMqhgiVR_O_QE2cDouS9ZtIA9KNiSlKF1MP8nH9vVEFDFss1N3__AbRgr80.1VShoSJPTi1ps3ayE-vi4VVLDQQ
Title: Наши дети будут плавать уже не с рыбками. В Тихом океане обнаружили неизвестное существоРеклама

Search URL Search Domain Scan URL

URL: http://click.phoenix-widget.com/go/60c30833cfbe90fe5ed278a0/.eJx1kU2O3CAQha8SeZFVbGPAgFuyIuUIc4FWgYu2Zxqw-OlMazR3D91Ospslj69e8R4fTYnX5tSsOe_p1PeXEhOmzedQYmeC6-EtF7j6O7Y-3ELKW-_R-XAJ7R2SfwhtaG9mxQhp9fjavkGGlGOw2N7alMHpcsV-oFRSLvqfJbtzquYG530N6Lf37w_J4bIVN5vdPI8G3A7bxc-j1VTiIBlOnCoUlqDUmi5PKmN0syCGEcWYsRonYnHEhUoF5PAJPqPPs2DSTNMohWagmdUwcC6INc2PZo_BYEoh1hZMiNj9F1IXwS_BdRoSdr_Ae4wvT6WO_d6WC-bzttSx4wloBgV2MpPUCFIySSp23H-9_V_Qw-irtBVca70HZLjWSCc2LFzTURjBharL-VjNrTK8wnlz-Kh-rzgllLVEtXT4RsSJjSfKOkIoH2kFS8L4NwNHRkYAxbghaqH1szTRCiukn8nP-b5jBRe0UK65-fwDcXy3LA.hB98Bi_TKWfZSG8C9RNnWlw5Flk
Title: Происшедшее в Стамбуле и все сведенье о немРеклама

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16805860/i/57825417/0/src/222371339/pp/1/1?h=NQcDJSk1enk2Cbi3q4m352Ca2QSU9GrLcTjh4f5r9q3d9jdDHgWO7Wn3rVz732eiIvyr90s5bwPFh_Bm7Xl7GQ**&rid=e7ad7334-3fec-11ee-96bf-e43d1a2a79f4&ts=Direct&tt=Direct&att=3&pubsrcid=businessua.com_60c308ec18af9c97bea77370&gdprApplies=0&st=0&h2=gvpGhpzzTqf0FXplnRKj10RxcJ23_jJ5wHfAWG10YQA*
Title: Ärzte verblüfft:Fußneuropathie-Gerät erobert Deutschland im SturmРеклама

Search URL Search Domain Scan URL

URL: https://nhnnx.store/b2/c/c/redir?cid=1&did=QGhScWI&eid=623&nid=1&sid=3307393078NwlHaRpa&ts=1692599722&ttl=7200&v=v5.7.18
Title: Möchten Sie abnehmen?Реклама

Search URL Search Domain Scan URL

URL: https://phoenix-widget.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/businesua/
Title: BusinessUA

Search URL Search Domain Scan URL

URL: https://www.i.ua/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

http://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru HTTP 301
https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru

Request Chain 79

http://counter.yadro.ru/hit?t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886 HTTP 302
https://counter.yadro.ru/hit?t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886 HTTP 302
https://counter.yadro.ru/hit?q;t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886

Request Chain 101

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 104

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTEwMjg3ODAtNjhCMy00MzNBLTg2MjItNTgyOUMxRUIyRDNG&gdpr=-1&gdpr_consent={consent} HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent={consent} HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=%7Bconsent%7D&partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D51028780-68B3-433A-8622-5829C1EB2D3F&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=51028780-68B3-433A-8622-5829C1EB2D3F

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEK_fYmyYWFC4uAEDN3kyUes&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 106

https://ks-match.admixer.net/?am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&site=90CA6F81-66E0-406E-97BC-7925D4BFDD2C&ip=80.255.10.202&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&page=businessua.com%2F HTTP 302
https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0

Request Chain 107

https://ib.adnxs.com/setuid?entity=533&code=ef9f601d57fe4b11b5c5faa3947ff8e9 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Def9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEMJU7itI_aktOckdVV5BTUM&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 109

https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEPHOeV-AqmfgHtvQ3BBCYI&google_cver=1

Request Chain 113

https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID

Request Chain 116

https://x.bidswitch.net/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://pixel-eu.onprospects.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer%26gdpr%3D%25gdpr%26gdpr_consent%3D%25_gdpr_consent HTTP 301
https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer%26gdpr%3D%25gdpr%26gdpr_consent%3D%25_gdpr_consent&onp HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=39d1cbc10696232e/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D270%2526expires%253D10%2526user_id%253DNrGB8F9IYRQbjhjbaURUXYXn%2526ssp%253Dadmixer%2526gdpr%253D%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3DNrGB8F9IYRQbjhjbaURUXYXn%26ssp%3Dadmixer%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=NrGB8F9IYRQbjhjbaURUXYXn&ssp=admixer&gdpr=&gdpr_consent= HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=

Request Chain 118

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1&rts=-6038073696628279715 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1

Request Chain 121

https://ks-match.admixer.net/?am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&site=9FDD1D39-D632-4A1F-A6F6-008584274F13&ip=80.255.10.202&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&page=businessua.com%2F HTTP 302
https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0

Request Chain 123

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066

Request Chain 125

https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Def9f601d57fe4b11b5c5faa3947ff8e9 HTTP 302
https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 126

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9 HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZA34D5DA4BFE4E979CA1DEB100B21A27&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 127

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=ef9f601d57fe4b11b5c5faa3947ff8e9 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 131

https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Def9f601d57fe4b11b5c5faa3947ff8e9 HTTP 302
https://x.bidswitch.net/sync?ssp=lemma&user_id=e8234bbe-3fec-11ee-a4de-801844df0ab8

Request Chain 146

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D437f72dac62c6c49%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769

Request Chain 147

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D437f72dac62c6c49%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

Request Chain 149

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D437f72dac62c6c49 HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49

Request Chain 151

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 153

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1

Request Chain 159

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769

Request Chain 166

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769

Request Chain 168

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7

Request Chain 169

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1eada23a-6f13-4b6a-a53b-bce79e765870

Request Chain 171

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1692599723061 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1365395517 HTTP 302
https://sync.1rx.io/usersync/turn/7184923818344317381?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003

Request Chain 172

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 177

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D437f72dac62c6c49%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769

Request Chain 178

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D437f72dac62c6c49%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

Request Chain 180

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D437f72dac62c6c49 HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49

Request Chain 186

http://a4p.adpartner.pro/media?site_id=658&unit_id=7360 HTTP 301
https://a4p.adpartner.pro/media?site_id=658&unit_id=7360

Request Chain 192

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c

Request Chain 194

https://ks-match.admixer.net/?am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&site=9FDD1D39-D632-4A1F-A6F6-008584274F13&ip=80.255.10.202&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.96+Safari%2F537.36&page=businessua.com%2F HTTP 302
https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0

Request Chain 196

https://x.bidswitch.net/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_eebf722a-854f-4970-89f2-d29f24b9d05a&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEK_fYmyYWFC4uAEDN3kyUes&google_cver=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 204

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEA-_WonBlphanVxeN7BYAvc&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 210

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent={consent} HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent={consent}&piggybackCookie=CAESEJkNMS8zA2ng-Lj7r2-LFts&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}&us_privacy=${US_PRIVACY} HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent={consent}

Request Chain 214

https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Def9f601d57fe4b11b5c5faa3947ff8e9 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=ef9f601d57fe4b11b5c5faa3947ff8e9e8234bbe-3fec-11ee-a4de-801844df0ab8

Request Chain 218

https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Def9f601d57fe4b11b5c5faa3947ff8e9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=0 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=0&piggybackCookie=CAESEJkNMS8zA2ng-Lj7r2-LFts&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0&us_privacy=${US_PRIVACY} HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=0

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEShP6sh19xxxMRNCHMIQ8A&google_cver=1

Request Chain 221

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 230

https://icdns.net/b2/c/i/icon?cid=1&did=QGhScWI&eid=623&nid=1&sid=3307393078NwlHaRpa&ts=1692599722&ttl=7200&v=v5.7.18 HTTP 302
https://reimgs.net/P1jpxuMTR3WIwNHYHBUkjlWOazNLCwjkUiad8pMe.png?x=0&y=0

Request Chain 233

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

Request Chain 235

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

Request Chain 236

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 239

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 246

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=9a25b7e4-eac2-422c-978c-e6b52eed63c2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Request Chain 253

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=eb1bb156-f82b-4801-4687-46190b511460&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=73443300314894343833732874422972847834&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Request Chain 255

https://bn01.er.bemail.it/zeotap.php?_bid=eb1bb156-f82b-4801-4687-46190b511460&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2023082108-75753-0.246015001692599723-ed498d165fc494abd468c9efd7f411a7&zdid=533&env=mWeb

Request Chain 256

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7269660455508244640&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Request Chain 257

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=eb1bb156-f82b-4801-4687-46190b511460 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=eb1bb156-f82b-4801-4687-46190b511460

Request Chain 258

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 307
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361&bounce=1&random=4158977818 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=2nIwEPapCtjywpHZjr5EtO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Request Chain 260

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=eb1bb156-f82b-4801-4687-46190b511460?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Request Chain 261

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP

Request Chain 262

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=In0q0dN0j7bdUa%2FDq8ZDGbFYcoqntT8P%2BS41iYitP1U%3D

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361&_test=ZOMFqwAKK4O8TgAN

Request Chain 267

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=Pv3YDHj5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=eb1bb156-f82b-4801-4687-46190b511460

Request Chain 268

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361&dcc=t

Request Chain 270

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Request Chain 280

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9affd90f022e513e%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769

Request Chain 281

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9affd90f022e513e%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

Request Chain 283

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D9affd90f022e513e HTTP 302
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9affd90f022e513e

Request Chain 284

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

Request Chain 287

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 289

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556

Request Chain 296

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 308

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769

Request Chain 310

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5335b35b-1535-4787-b3f0-653a5ba28066

Request Chain 312

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7

Request Chain 314

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769

Request Chain 315

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1037165404 HTTP 302
https://sync.1rx.io/usersync/turn/7256981412382245317?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003

Request Chain 317

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 320

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3Dbbb47599-704c-4e2c-6bfe-0020bdebb9e8%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361

Request Chain 333

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

Request Chain 335

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 336

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=05cM3gbG1QxYvx5

Request Chain 337

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 339

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOMFqwAAAyOJyAA4

Request Chain 350

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D5381ee60-b43e-41a0-6924-f5496f99938e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361

Request Chain 365

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9affd90f022e513e%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769

Request Chain 366

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9affd90f022e513e%26uid%3D%24UID&partner=eplanning HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

Request Chain 368

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D9affd90f022e513e HTTP 302
https://u-ams03.e-planning.net/um?uid=csuid_23958d71-c7d2-4c28-9d2b-402231eeb00a&dc=b337141cfdc8cf59&fi=9affd90f022e513e

Request Chain 369

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

Request Chain 370

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4

Request Chain 371

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 373

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

Request Chain 375

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd

Request Chain 377

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 379

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=C0DGIA7skedG&ev=1&pid=558355

Request Chain 386

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 393

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAAATNRVABV&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV

Request Chain 397

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjXQAAAAA

Request Chain 399

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

Request Chain 400

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 405

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

Request Chain 406

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=avYxxmz3NZdx-zKWZfJ5xjr2ZMZx-zXMOfXd_Lvl

Request Chain 407

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 409

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

Request Chain 411

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=7df6ad57-140c-4d80-acb6-f5cfe69c410a

Request Chain 413

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 415

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=PwdElUWVT5fc&ev=1&pid=558355

Request Chain 423

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic

Request Chain 425

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014

Request Chain 426

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic

Request Chain 428

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014

Request Chain 431

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

Request Chain 432

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

Request Chain 434

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 435

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556

Request Chain 439

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV

Request Chain 443

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8XoAAC315PMAAAAA

Request Chain 445

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

Request Chain 446

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 449

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xDnTHcI410zfNNBKkW6bGpc5hxnfaYQdxj_Z3--L HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9

Request Chain 450

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5538126985213991769&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7256981412382245317&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bfc44793-c7fd-48de-afcf-538ceda8f802&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5538126985213991769 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 452

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UQKHgGizQzqGIlgpwestPw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 454

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51028780-68B3-433A-8622-5829C1EB2D3F

Request Chain 455

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=51028780-68B3-433A-8622-5829C1EB2D3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NTdtMGU1cXR0dzVUV1NoSy1qcHhqd3llQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=35027868504681717&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 458

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=35027868504681717 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 461

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=0047e83e-3817-4af4-a770-e959e1b3071f&expires=1&user_group=2&ssp=pubmatic&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Request Chain 467

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D8b6336ba-99af-4a5e-70cb-68e14b730e61%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361

Request Chain 471

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

Request Chain 472

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=KiO2oSwisvAxLrX2f3T-pnkj4qUxc-GhKCVWPkUm

Request Chain 473

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 475

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

Request Chain 477

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd

Request Chain 479

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 481

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=RsqZNn12fCG2&ev=1&pid=558355

Request Chain 491

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=

Request Chain 495

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YwAAA481vkAAAAA

Request Chain 497

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

Request Chain 498

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 508

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

Request Chain 509

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=0fe568ef-1c0c-4c34-9894-0966d77919fa&ssp=gumgum2&expires=30&user_group=5&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4

Request Chain 510

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 512

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

Request Chain 514

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd

Request Chain 516

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 518

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=u8oJMu0ZqNYt&ev=1&pid=558355

Request Chain 525

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2UBEUiKFQOq7oe2MwqCjsA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2UBEUiKFQOq7oe2MwqCjsA

Request Chain 526

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKNOdIOYXNPDDKAlqodRx-M&google_cver=1

Request Chain 531

https://rbp.mxptint.net/sn.ashx HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_107BE7E14_11B34E646&expires=60

Request Chain 533

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=

Request Chain 537

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjYcAAAAA

Request Chain 539

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

Request Chain 540

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 561

https://googleads.g.doubleclick.net/pagead/adview?ai=C1iVKqgXjZJS9L42aiQb6hbH4CZyhsLhyxbmAoccRqpf-3uY_EAEgrOT2CGCVqp-CsAegAciQjr0DyAEJqQI9mh0vtj2yPqgDAcgDywSqBMcBT9Bcmd73Z-Wdd3Agqf_0Yf3asHaYiOpqTLLrMb3a0ceCkgfngudpuOztIDsE_yzD8fSOfWhqNIyjCdVA2zVZSIgJL1nD5TWKjfm_zS4Mr1Gy_9Pz6AhKu8MFZ2SP3DUBFvlVMpmKwrCxt2wSsezGANK-rO3lJmSBWHsXSuqzwnx7Ym8OZIlnJKjd4Jxv_PB4WOx-LwN8CYuqbT_QMBg-CKDg_gReXNxa5jxiV4Dk5mCV_-0I0kcFBPINgo2Z_6AG44l6ruZ6McAEkfba_LEEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6Dv8UKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCvyQPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgl2aHR0cHM6Ly93d3cuYnJpbGxlbi5kZS9hbmdlYm90ZS9kZWFscy9kb3BwZWxwYWNrLWdsZWl0c2ljaHRicmlsbGU5OT9hbWM9c2VhcmNocGFpZC5icmlsbGVuZGUuNDk1NTgzLjUwNDc2NS5DUlRUclZ2WFBLRIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi00NTc3MjU0NDM1NTk3MTA0GAA&sigh=P7UJ1y67OHE&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWAWCRnSMXkKLL7jstjxhXe8YKrS5awxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212906541757908357446%22,%22debug_reporting%22:true,%22destination%22:%22https://brillen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22933464136%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214805264933602068241%22}&andc=true

Request Chain 563

https://googleads.g.doubleclick.net/pagead/adview?ai=CcR7vqgXjZJmVLvaNiQau166YAbnp45ty9sPkrqoRj_SQ49cCEAEgrOT2CGCVqp-CsAegAZbm448pyAEJqQI9mh0vtj2yPqgDAcgDywSqBNcBT9AmBQB5DQIECCH9LJi3wdowCUOaaKCxREphUvBoklO-MOL2Ycpx2_VTrbmT2AdoFqnP9HojheEVdMokvhKmnB-IzuEzAEySsujU3RS2gknpFaXw2F3MHSOyolD8PZE8AyI204z0OAqOQWnydwx-jobTEwywsbV3hrtrlrQD5ITImvPNv4ch5_nS1nfR6k-JrK7qUB95Olj8n6Ushe7GVg3-sj3McdgxgrAAW52VoImYnWu1D0p6P81RvSNZCeQNVU9DBO5lF2Kbi3MwgWbqLY_DfUWjNnLABML237mmBJIFBAgEGAGSBQQIBRgEoAYugAeWnrTvA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENyGDNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSdodHRwczovL3d3dy5yaGVpbi1ydWhyLXNvbGFydGVjaG5pay5kZS-ACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTQ1NzcyNTQ0MzU1OTcxMDQYAA&sigh=6_hIOAf5J9o&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW26L96a768Fq9cHkFi7uVi9Q4HK4AdxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210305800974827408555%22,%22debug_reporting%22:true,%22destination%22:%22https://rhein-ruhr-solartechnik.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211038946070%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210021055117726806081%22}&andc=true

Request Chain 571

https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDVjTTNnYkcxUXhZdng1&google_cm HTTP 302
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1

Request Chain 575

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 585

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmSDscrLM87gr7xYVALi9G3fN3tszvpODuIBPuT7twHqKUhwQoPXsRXVeVvc1c_TNhNqolmSxGys2WVlY7h6OTTqZgk-KSDS7GRB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmSDscrLM87gr7xYVALi9G3fN3tszvpODuIBPuT7twHqKUhwQoPXsRXVeVvc1c_TNhNqolmSxGys2WVlY7h6OTTqZgk-KSDS7GRB

Request Chain 586

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENaddOD0bByBpsjqCK5p9c8&google_cver=1&google_push=AXcoOmRD7m0iFT4WKvPqRPWWU30jQrGn3lLp4o_4aKMso5BYflPfZn5Ls1dDcJ-2f0nDB4IHgC9tveJGibDvc_U_ShWK5mWzGK0rRUUm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRD7m0iFT4WKvPqRPWWU30jQrGn3lLp4o_4aKMso5BYflPfZn5Ls1dDcJ-2f0nDB4IHgC9tveJGibDvc_U_ShWK5mWzGK0rRUUm&google_hm=kN1-wudYSW6KU9tXpSH3Uso

Request Chain 588

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECchiKKVKzVuXHmSFZmklHs&google_cver=1&google_push=AXcoOmS8CnZ6mRPT_4iLEuvqAvVHPUQnKVEKieQo0PFlAo791updXwWUeuDOe16zaJK2YdXu_TQmtYF7QZ_tVJiqXrTHGc0m0mG3sik- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTY2MDQ1NTUwODI0NDY0MA%3D%3D&google_push=AXcoOmS8CnZ6mRPT_4iLEuvqAvVHPUQnKVEKieQo0PFlAo791updXwWUeuDOe16zaJK2YdXu_TQmtYF7QZ_tVJiqXrTHGc0m0mG3sik-

Request Chain 590

https://d5p.de17a.com/cookies/google?google_gid=CAESECB0KP0qp-dpHuxhNsW9gYs&google_cver=1&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTOyWcjDJTE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECB0KP0qp-dpHuxhNsW9gYs&google_cver=1&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTOyWcjDJTE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTOyWcjDJTE

Request Chain 598

https://googleads.g.doubleclick.net/pagead/adview?ai=CDZL_qwXjZMutKZGpiQb2jKbQCc2q28ZtybrswagM8ryCgcAFEAEgrOT2CGCVqp-CsAegAbC6odcDyAEJqQI9mh0vtj2yPqgDAcgDy4SAgASqBMEBT9AHq2GxsTTM-6rcHukFzZnCpW7oK4fdaVRnWU5qqAgRGIkAsAjSHJS5xkzj4bovfaYS0m_d5mIIfglw8j3wmTK-jMNtZhXof189vuhe2VNsq35cQKjQHliO6exLXNdt6N43npuZnXUvAUBtyMe12xcGOAuegvII_b9YtZ8VUf6NfnYzr_KxFLGJ_PtH2kdZTEHStHTgLQF-lwT10zG_bZwfRA9ngh2XQ_2B6ZjSynBoipu3e-OaSk_UULttyPFJY8AEwd7iyo4DkgUECAQYAZIFBAgFGASgBi6AB7_ZvWCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQz9kD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJP2h0dHBzOi8vd3d3LnN3b29kb28uY29tL3NlbWkvZ2RudGV4dC9mbGlnaHRfZ2VuZXJhbC9hbnkvZGUuaHRtbIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi00NTc3MjU0NDM1NTk3MTA0GAA&sigh=rF-iLmx0dB4&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW5gSAEtMPOQLKDUWyI7YwMgs1V7jMja5FhyCS0L9CT-aEoUejGEpAUNcnPkDD_YphVjfhLX4QBRgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225761884825953191154%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227521188437110690017%22}&andc=true

Request Chain 601

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAcZx9zK7caYZaaPm7K8MRM&google_cver=1&google_push=AXcoOmRZacW0Z0RwJF_lT-bqJTA2QrB4nzKpc1QBjXIqKgM7SxcAguCBLGw1-pEBAqainHvro8Ec-JjPBJoHWrexXPioiPFxGeZ0vg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRZacW0Z0RwJF_lT-bqJTA2QrB4nzKpc1QBjXIqKgM7SxcAguCBLGw1-pEBAqainHvro8Ec-JjPBJoHWrexXPioiPFxGeZ0vg&google_hm=jpimiHErWpyJq7WQUXRhsQ

Request Chain 602

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1&google_push=AXcoOmTzoeKnnYbR5P5TabIMA5C8DWEA7i7tzQ4YsQZfJjgkjXmpbWebY4QaLtXrh0jLKzR2Wtfx3obyBRDN3W11huGIqIqjgpiSYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDVjTTNnYkcxUXhZdng1&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1&google_push=AXcoOmTzoeKnnYbR5P5TabIMA5C8DWEA7i7tzQ4YsQZfJjgkjXmpbWebY4QaLtXrh0jLKzR2Wtfx3obyBRDN3W11huGIqIqjgpiSYA

Request Chain 603

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPn2TgSMS52DYj5rfbbyilQ&google_cver=1&google_push=AXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPn2TgSMS52DYj5rfbbyilQ&google_cver=1&google_push=AXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 604

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmTFSSADrP-aU6ggbCP4HpkNi_6Uh5A7GQX0jAYnQbLYPSHP0GehQ8t2BCC6I4ORTY_GPPTUx-gds4CZ6345u_78q0pyWRKLoYo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmTFSSADrP-aU6ggbCP4HpkNi_6Uh5A7GQX0jAYnQbLYPSHP0GehQ8t2BCC6I4ORTY_GPPTUx-gds4CZ6345u_78q0pyWRKLoYo

Request Chain 606

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENaddOD0bByBpsjqCK5p9c8&google_cver=1&google_push=AXcoOmTkAnw3bkWOHwP_R9MXdWKyY7gqLFdtMO6RCCFXSr5PuXUaT-hgoHaaPvXuzjslC86nzBlDTdyqxwuwamU6p9hxK41l1HotUWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTkAnw3bkWOHwP_R9MXdWKyY7gqLFdtMO6RCCFXSr5PuXUaT-hgoHaaPvXuzjslC86nzBlDTdyqxwuwamU6p9hxK41l1HotUWw&google_hm=kN1-wudYSW6KU9tXpSH3Uso

Request Chain 607

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPYt3Yq6DMZK7LITVzJT08c&google_cver=1&google_push=AXcoOmQdkWmdC1Uel0f68GkPK3axr_BszCwwdvhtLd7T3OcChL9bxyzQLoNikLjs8q92Jno_mq1PFLyBO9KEsi24LbT8h4NG_ygLDVQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQdkWmdC1Uel0f68GkPK3axr_BszCwwdvhtLd7T3OcChL9bxyzQLoNikLjs8q92Jno_mq1PFLyBO9KEsi24LbT8h4NG_ygLDVQ

Request Chain 647

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=

Request Chain 648

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=

Request Chain 650

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 651

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKX0JrN0p4Z3NBQUNidDZDUnQ0Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAJ_Bk7JxgsAACbt6CRt4g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2520278254207601443&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAJ_Bk7JxgsAACbt6CRt4g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2520278254207601443%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2520278254207601443&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJ_Bk7JxgsAACbt6CRt4g&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=

Request Chain 652

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D

Request Chain 653

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420682872783

Request Chain 655

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529

Request Chain 658

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1kk9l9iui7ho

Request Chain 659

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=

Request Chain 660

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYRQbjhjbaURUXYXn%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=06b28f416e2017d3de0e7837c3cf27a1&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYRQbjhjbaURUXYXn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=

Request Chain 663

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=

Request Chain 664

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2569610039

Request Chain 667

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 668

https://pixel.onaudience.com/?partner=214&mapped=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b3bb7e7ca868dd10dff5b224e838ecce&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=5ef26caedfc5fa2d

Request Chain 670

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 671

https://pixel.onaudience.com/?partner=214&mapped=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=06b28f416e2017d3de0e7837c3cf27a1&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=39d1cbc10696232e

Request Chain 673

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=

Request Chain 674

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=

Request Chain 676

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 677

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCcFkwN0p4Z3NBQUNPb19ET3BhQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAJ_Bk7JxgsAACbt6CRt4g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5505691669261945789&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAJ_Bk7JxgsAACbt6CRt4g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5505691669261945789%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5505691669261945789&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJ_Bk7JxgsAACbt6CRt4g&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=

Request Chain 678

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D

Request Chain 679

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926780026029

Request Chain 681

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529

Request Chain 684

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=18ernjholz5n

Request Chain 685

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=

Request Chain 686

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYRQbjhjbaURUXYXn%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYRQbjhjbaURUXYXn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=

Request Chain 689

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=

Request Chain 690

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8588169826

702 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
businessua.com/ 72 KB
21 KB 2951ms
2803ms Document
text/html 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash: 775ca0c7c84154701f12473ee0a56c168245b96ab1f47943503d3fc4f8fc8770

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=Windows-1251
Date: Mon, 21 Aug 2023 06:35:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.12.1
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.45-0+deb7u14
cache-control: private

GET
H/1.1 200
OK video-js.min.css
businessua.com/engine/plugins/bb_media/players/videojs/lib/ 38 KB
39 KB 38ms
37ms Stylesheet
text/css 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 9432910549ed60750095a9fabff1716827fbb61a9270cd5c680f41c8ba8ba031

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:21 GMT
Last-Modified: Mon, 14 Nov 2016 14:13:46 GMT
Server: nginx/1.12.1
ETag: "5829c69a-996e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39278

GET
H/1.1 200
OK videojs-ie8.min.js Show response
businessua.com/engine/plugins/bb_media/players/videojs/lib/ie8/ 27 KB
27 KB 77ms
38ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 14 Nov 2016 14:13:46 GMT
Server: nginx/1.12.1
ETag: "5829c69a-6a8f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27279

GET
H/1.1 200
OK video.min.js Show response
businessua.com/engine/plugins/bb_media/players/videojs/lib/ 267 KB
267 KB 78ms
39ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 14 Nov 2016 14:13:46 GMT
Server: nginx/1.12.1
ETag: "5829c69a-42b5b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 273243

GET
H/1.1 200
OK youtube.min.js Show response
businessua.com/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 12 KB
12 KB 78ms
39ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Thu, 22 Sep 2016 15:15:12 GMT
Server: nginx/1.12.1
ETag: "57e3f580-30ec"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12524

GET
H/1.1 200
OK adriver.core.2.js Show response
businessua.com/templates/default/css/ 6 KB
7 KB 147ms
35ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/adriver.core.2.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 59ec0f8b9e3faec4e5d11d5df374c59ccb009c2f73dcf059e6d3dfa568a6a4fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 17 Nov 2014 13:50:29 GMT
Server: nginx/1.12.1
ETag: "5469fd25-193f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6463

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
businessua.com/templates/default/css/ 92 KB
92 KB 147ms
34ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/jquery-1.7.1.min.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:05 GMT
Server: nginx/1.12.1
ETag: "5158dee5-16eae"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93870

GET
H/1.1 200
OK jquery.bfm.carousel.js Show response
businessua.com/templates/default/css/ 2 KB
2 KB 148ms
35ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/jquery.bfm.carousel.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 999ad9e278c7120fd946730c476eaacb43e38476d776bfc685f6aceb2cf9bb1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:06 GMT
Server: nginx/1.12.1
ETag: "5158dee6-6c3"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1731

GET
H/1.1 200
OK main.css
businessua.com/templates/default/css/ 213 KB
213 KB 75ms
37ms Stylesheet
text/css 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/main.css?v=201303221533
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: ec0baa8fc113d06b31083d72dd68c2994a3392ef9a01afbad21c8a150b2de185

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Tue, 03 Jan 2023 23:14:50 GMT
Server: nginx/1.12.1
ETag: "63b4b6ea-3528b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 217739

GET
H/1.1 200
OK jquery-ui-1.10.0.custom.css
businessua.com/templates/default/css/ 17 KB
18 KB 76ms
38ms Stylesheet
text/css 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/jquery-ui-1.10.0.custom.css
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 132caf8501ded4f80c9d0f356acacb6e7146b8309406e593911d9bed72514ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Wed, 07 Aug 2013 02:18:01 GMT
Server: nginx/1.12.1
ETag: "5201ae59-4537"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17719

GET
H/1.1 200
OK functions.js Show response
businessua.com/lib/ 13 KB
13 KB 183ms
35ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/lib/functions.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Wed, 12 Jun 2013 16:35:37 GMT
Server: nginx/1.12.1
ETag: "51b8a359-32f0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13040

GET
H/1.1 200
OK ajax.js Show response
businessua.com/lib/ 7 KB
8 KB 182ms
35ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/lib/ajax.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Wed, 12 Jun 2013 16:35:37 GMT
Server: nginx/1.12.1
ETag: "51b8a359-1d7d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7549

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
53 KB 70ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77433169eb480eb9c4d5d5cdb22498f6de3ed2dbbd127efb27cced42a58050e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 53884
X-XSS-Protection: 0
Server: cafe
ETag: 12101427013133408865
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 21 Aug 2023 06:35:21 GMT

GET
H2 200 loader2.js Show response
scripts.go2net.com.ua/scripts3/ 178 KB
56 KB 84ms
24ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2ddff6ca403e408b50b61256db50543365aa711936908182d7edbc23bedc106a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:00 GMT
server: nginx
etag: W/"64db3e54-2c649"
x-cached-since: 2023-08-18T16:58:09+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
cross-origin-resource-policy: cross-origin
x-id-fe: fr5-hw-edge-gc27
expires: Fri, 18 Aug 2023 17:08:09 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 178 KB
56 KB 84ms
16ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2ddff6ca403e408b50b61256db50543365aa711936908182d7edbc23bedc106a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc15
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:00 GMT
server: nginx
etag: W/"64db3e54-2c649"
x-cached-since: 2023-08-21T06:28:40+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
cross-origin-resource-policy: cross-origin
x-id-fe: fr5-hw-edge-gc15
expires: Tue, 15 Aug 2023 09:11:39 GMT

GET
H/1.1 200
OK media.js Show response
businessua.com/templates/default/css/ 2 KB
2 KB 220ms
36ms Script
application/javascript 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/media.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 5c01f7ce2bfb7de66c055e3579549a06fb0e73349bc2feb589db74c5e2410e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Fri, 04 Dec 2015 02:16:34 GMT
Server: nginx/1.12.1
ETag: "5660f782-8f0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2288

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 37ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17479fafb1a5850c544a263a606eae0ff4b970dbe16e152f944bd43c41e9c7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://businessua.com/
Origin: http://businessua.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 06:35:21 GMT
content-md5: w/G7gn5dWgVoKooGGkKJDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-debug: 2DiC5Yg0eBlOFFclGSdP0nSUUjfdjL3IJNXVmTlFpqyng0Y3qnUOh46seDsXO4svPQu0eMlBBK/HgvUJk7LktQ==
x-fb-content-md5: b29a6b132c1d720a154738e5ee472d98
cross-origin-opener-policy: same-origin-allow-popups
etag: "5645e4631000a264d95e3a145f65bcc2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:45:36 GMT

GET
H/1.1 200 44fdb324.js Show response
servetraff.com/ 36 KB
37 KB 438ms
62ms Script
text/javascript 65.21.224.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servetraff.com/44fdb324.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.224.187 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.224.21.65.clients.your-server.de
Software: /
Resource Hash: 96aaf5ae3e0efa99c94caabfca0a49af5b4bc22a5ec2f3d0b89fa2752c9e093a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:21 GMT
accept-ranges: bytes
etag: "0ac4f7a7afc78ac41713c2d41993825df"
content-length: 37245
content-type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 59ms
29ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-29115103-1

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98a47cc3cb7e1134fee55a06ab085279d1e15db7d8f9f960277a16021c59c5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66145
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Aug 2023 06:35:21 GMT

GET
H/1.1 200
OK 4879_pb.jpg
businessua.com/uploads/dsn/2a/de/011/ 63 KB
64 KB 37ms
36ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/2a/de/011/4879_pb.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 57e2b7b17abd12110b867e37838e567932747a2a8744068a6b2bc7fbd79aa455

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 14 Aug 2023 19:13:17 GMT
Server: nginx/1.12.1
ETag: "64da7ccd-fd97"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64919

GET
H/1.1 200
OK 98798.jpg
businessua.com/uploads/dsn/25/02/104/ 69 KB
69 KB 37ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/25/02/104/98798.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 5733c1307f82f1673e757b722ca6d26f1358bfa2658749079ec473be39bd20f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 07 Aug 2023 17:37:05 GMT
Server: nginx/1.12.1
ETag: "64d12bc1-1142d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70701

GET
H/1.1 200
OK 5d03ac6782765.jpg
businessua.com/uploads/dsn/38/63/001/ 36 KB
36 KB 35ms
35ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/38/63/001/5d03ac6782765.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 882b945c02d86ff90b5c7610d1f1d64712692f52073572b71f8f9c6bbab142e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Thu, 27 Jul 2023 20:50:06 GMT
Server: nginx/1.12.1
ETag: "64c2d87e-8e95"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36501

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 18 KB
9 KB 61ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

459f394cc5816e35d3ae63a98051dfc78d083bd62caee96fcf6ae2ff1000de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7237345810691465227
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 8155
X-XSS-Protection: 0
Expires: Mon, 21 Aug 2023 06:35:21 GMT

GET
H/1.1 200
OK 2_1.jpg
businessua.com/uploads/dsn/c2/73/001/ 57 KB
57 KB 55ms
54ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/c2/73/001/2_1.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 1b92731d2613adbbaed3463f58f366fcbe349aa588b325b2ffff863b4e7469a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Tue, 15 Sep 2020 14:02:27 GMT
Server: nginx/1.12.1
ETag: "5f60c973-e490"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58512

GET
H/1.1 200
OK 93a5ba3ab88e0c7f.jpg
businessua.com/uploads/dsn/de/f7/001/ 7 KB
7 KB 61ms
61ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/de/f7/001/93a5ba3ab88e0c7f.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: e9f0bce617384e371261b8be66f44ba84afcbdfe93807e6f2d51d7dc0b5479d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Tue, 25 Sep 2018 07:44:47 GMT
Server: nginx/1.12.1
ETag: "5ba9e76f-1b70"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7024

GET
H/1.1 200
OK 137.jpg
businessua.com/uploads/dsn/6e/be/001/ 6 KB
6 KB 43ms
43ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/6e/be/001/137.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: b0a1aeb5954058577f1bae4c66477d62a279297e37ce8cd6d1fd2a5536bd203c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Sun, 22 Apr 2018 18:17:55 GMT
Server: nginx/1.12.1
ETag: "5adcd1d3-18c1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6337

GET
H/1.1 200
OK bez_imeni-1.jpg
businessua.com/uploads/dsn/a4/a2/001/ 28 KB
28 KB 37ms
36ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/a4/a2/001/bez_imeni-1.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: fea4cdde6f552b44b1027e9d37c879224b25a9fd6e3c17cb8d9f334810768848

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Tue, 07 Apr 2020 20:35:40 GMT
Server: nginx/1.12.1
ETag: "5e8ce41c-6e51"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28241

GET
H/1.1 200
OK 846584_1_w_570_lq.jpg
businessua.com/uploads/dsn/42/05/001/ 10 KB
10 KB 37ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/42/05/001/846584_1_w_570_lq.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: f4410f941182dc0d07704c0651029e32aa0a0183dd07634baa3fe56c382475e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 09 Jul 2018 12:45:35 GMT
Server: nginx/1.12.1
ETag: "5b4358ef-2802"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10242

GET
H/1.1 200
OK 40_main_ukr.jpg
businessua.com/uploads/dsn/47/c6/001/ 8 KB
8 KB 35ms
35ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/47/c6/001/40_main_ukr.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: a9b65509a867bf15e60b0e39630792ab66b50a5e9fe810a251fb51c6589a6f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Sat, 18 Nov 2017 13:36:40 GMT
Server: nginx/1.12.1
ETag: "5a103768-20eb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8427

GET
H/1.1 200
OK img_20170813_182032-1200x900.jpg
businessua.com/uploads/dsn/2a/cc/001/ 7 KB
7 KB 36ms
36ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/2a/cc/001/img_20170813_182032-1200x900.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: e08e18b262aa23c4015fa2e1a41048d0a4a4f578aef0cd5b1f66603c2166e39c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 14 Aug 2017 18:00:14 GMT
Server: nginx/1.12.1
ETag: "5991e52e-1ae3"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6883

GET
H/1.1 200
OK iphone-8-1.jpg
businessua.com/uploads/dsn/4f/78/001/ 5 KB
5 KB 37ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/4f/78/001/iphone-8-1.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 1b2505fe9457bf0337bdda6b09c9fa8d804f9c824d2eb77aa2266277b602100b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Wed, 26 Jul 2017 14:14:33 GMT
Server: nginx/1.12.1
ETag: "5978a3c9-12ce"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4814

GET
H/1.1 200
OK 1.jpg
businessua.com/uploads/dsn/f3/cc/107/ 10 KB
10 KB 37ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/f3/cc/107/1.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: a54487daab6d1229f4476fa0f59f16c97a220489b15ce50c781762c3b28f4d29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 17 Jul 2017 11:57:28 GMT
Server: nginx/1.12.1
ETag: "596ca628-274b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10059

GET
H/1.1 200
OK 81_main_new_1495493903.png
businessua.com/uploads/dsn/e9/13/001/ 31 KB
31 KB 36ms
36ms Image
image/png 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/e9/13/001/81_main_new_1495493903.png
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 3bfd355e35b972638ac8e77174eeb44841fd6501ee17b7404f80efd7f68b0e64

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Tue, 23 May 2017 10:35:38 GMT
Server: nginx/1.12.1
ETag: "5924107a-7a59"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31321

GET
H/1.1 200
OK 1.jpg
businessua.com/uploads/dsn/f3/cc/106/ 9 KB
9 KB 37ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/f3/cc/106/1.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 15eb8e35f93d0e74a7a4daf5c375423930e2174ce51886090e72c54622229caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Thu, 27 Apr 2017 09:13:40 GMT
Server: nginx/1.12.1
ETag: "5901b644-2286"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8838

GET
H/1.1 200
OK 1.jpg
businessua.com/uploads/dsn/f3/cc/105/ 11 KB
11 KB 36ms
35ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/f3/cc/105/1.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: ce7b699aac2647df3ae4d38138565a8486e5bd0d4c14e73275d11f563d42bd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Fri, 07 Apr 2017 10:53:58 GMT
Server: nginx/1.12.1
ETag: "58e76fc6-2a8a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10890

GET
H/1.1 200
OK ppll.jpg
businessua.com/uploads/dsn/a3/cb/001/ 18 KB
18 KB 37ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/dsn/a3/cb/001/ppll.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 1a12d32480ae6045773f1ef841fc428b08e82f5b0c6e3a128f23fe0a1741b050

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Wed, 08 Feb 2017 15:16:33 GMT
Server: nginx/1.12.1
ETag: "589b3651-47ba"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18362

GET
H/1.1 200
OK 7763_img_4254.jpg
businessua.com/uploads/images/default/ 36 KB
36 KB 36ms
36ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/images/default/7763_img_4254.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: d4effea06218af4b8e9983d070e9e282cbcf97119754ed86162746345123a048

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Sun, 21 May 2023 21:40:35 GMT
Server: nginx/1.12.1
ETag: "646a8fd3-8ff2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36850

GET
H/1.1 200
OK 9027_img_3175.jpeg
businessua.com/uploads/images/default/ 66 KB
66 KB 38ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/images/default/9027_img_3175.jpeg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 09936f581354442175379b9b596cc86ae0f11e13f37078547d62af198ba2bb2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Wed, 17 May 2023 14:16:04 GMT
Server: nginx/1.12.1
ETag: "6464e1a4-106ba"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67258

GET
H/1.1 200
OK 2934_9df562efd57a306749b3d4576506c80f.jpg
businessua.com/uploads/images/default/ 27 KB
27 KB 38ms
37ms Image
image/jpeg 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/images/default/2934_9df562efd57a306749b3d4576506c80f.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: c58feb32d47e379cdedded0568339f0db476feadfb7fa0e8c49e3de755108c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Sun, 19 Feb 2023 09:41:24 GMT
Server: nginx/1.12.1
ETag: "63f1eec4-6a3f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27199

GET
H/1.1 200
OK screenshot_6.png
businessua.com/uploads/images/default/ 468 KB
469 KB 46ms
46ms Image
image/png 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/uploads/images/default/screenshot_6.png
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 727576b01189addb880f8fc106b69833b52e768248051074c21e2d6b4e450863

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Fri, 25 Nov 2022 09:44:28 GMT
Server: nginx/1.12.1
ETag: "63808e7c-751a2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479650

GET
H2

200

informers_js.php Show response
sinoptik.ua/
Redirect Chain

http://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru
https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru

1 KB
914 B

35ms
11ms

Script
application/json

212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

srv150.fwdcdn.com

Software

nginx /

Resource Hash

2b56e07a770ef4957105d9a36287a2bcaa51348bc5799a17ce4775971ab17e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-store, no-cache, must-revalidate
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
x-server-by: sinfe1
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: must-revalidate, post-check=0, pre-check=0
expires: 0

Redirect headers

Date: Mon, 21 Aug 2023 06:35:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Server-By: sinfe1
Server: nginx
Content-Type: text/html
Location: https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru
Connection: keep-alive
Content-Length: 178

GET
H/1.1 200
OK jsonp_v3.js Show response
phoenix-widget.com/static/js/ 67 KB
21 KB 67ms
23ms Script
application/x-javascript 188.166.21.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://phoenix-widget.com/static/js/jsonp_v3.js
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 188.166.21.205 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 015fad11b2e63a0e4db70b84205aa791619edac52656018242d5dc10beafcede

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 19:17:11 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"6480d7b7-10c46"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public, no-transform, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 3_1_5.png
i.i.ua/r/ 2 KB
3 KB 45ms
26ms Image
image/png 104.18.2.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.i.ua/r/3_1_5.png
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc42e3239b0356ac32f43e6ed5c747f7609f205617fcb3d2043fe674dee7e3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:21 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 28 Sep 2006 16:33:08 GMT
Server: cloudflare
Age: 17367835
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7fa0db065ec2364d-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 2185
Expires: Thu, 01 Feb 2024 06:11:26 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 54ms
28ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: businessua.com
URL: http://businessua.com/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

911fb8f3c9457ef89d35dd21dedfc00e7dd2eb1c64406567f5523a60e2d4ab16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 21 Aug 2023 06:35:22 GMT

GET
H/1.1 200
OK autoUpdate.adriver.js Show response
ua-content.adriver.ru/plugins/ 5 KB
5 KB 312ms
50ms Script
application/javascript 88.218.242.3
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL: http://ua-content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: businessua.com
URL: http://businessua.com/templates/default/css/adriver.core.2.js
Protocol: HTTP/1.1
Server: 88.218.242.3 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:30:59 GMT
Last-Modified: Mon, 26 Jun 2023 07:09:08 GMT
Server: nginx
ETag: "64993994-1455"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Accept-Ranges: bytes
Content-Length: 5205
Expires: Mon, 21 Aug 2023 07:30:59 GMT

GET
H/1.1 200
OK handheld.css
businessua.com/templates/default/css/ 54 B
289 B 87ms
87ms Stylesheet
text/css 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to

Full URL: http://businessua.com/templates/default/css/handheld.css?v=201303221533
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: c33ebd244a05af7afc3ccae0617981f390009b6368a07e1b53e341f961ece910

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:05 GMT
Server: nginx/1.12.1
ETag: "5158dee5-36"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54

GET
H/1.1 200
OK s
r.i.ua/ 43 B
828 B 117ms
93ms Image
image/gif 104.18.3.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://r.i.ua/s?u144920&p0&n0.45514622899335344&c1&d24&w1600&h1200&rbusinessua.com/
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:22 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 7fa0db08aabcbba9-FRA
alt-svc: h3=":443"; ma=86400
Expires: 0

GET banner.js
banner.kiev.ua/j/ 0
0

GET
H/1.1 200
OK informers2.css
sinst.fwdcdn.com/css/ 15 KB
2 KB 27ms
9ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by: Host: sinoptik.ua
URL: http://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ru
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Content-Encoding: gzip
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 07:03:52 GMT
Server: nginx
ETag: W/"57469fd8-3d41"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 111ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=businessua.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

871d6e1e89972eac78315604568b4369365a05ec4e877ff4fb2c3277493204c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134727
x-xss-protection: 0
server: cafe
etag: 3978846951347550810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:22 GMT

GET
H/1.1 200
OK sprite.png
businessua.com/templates/default/images/ 75 KB
75 KB 42ms
36ms Image
image/png 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/templates/default/images/sprite.png
Requested by: Host: businessua.com
URL: http://businessua.com/templates/default/css/main.css?v=201303221533
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: c782e9ec68cb5973fc5ce1b2852b6ab88a4576bbcd9ef1270fc93736ad23b752

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/templates/default/css/main.css?v=201303221533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:20 GMT
Server: nginx/1.12.1
ETag: "5158def4-12b32"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76594

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f34b9aaafeae301ea719d4d3852fadf83b252116cde7886f50472d400de7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sprite2.png
businessua.com/templates/default/images/ 17 KB
18 KB 38ms
38ms Image
image/png 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/templates/default/images/sprite2.png
Requested by: Host: businessua.com
URL: http://businessua.com/templates/default/css/main.css?v=201303221533
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 0dfa5458e347fb719e4a01fc7d13f6ec3c81b6c5c392d7117073c8d39b2ed285

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/templates/default/css/main.css?v=201303221533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:20 GMT
Server: nginx/1.12.1
ETag: "5158def4-4541"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17729

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03caebb158fba9ce6b4c9513a16916462bf10d38437ae07940fb89b3f2c8db67

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb3f2d6cb2e60071070e24810249b0c04926ace3d92b09f79d7c33bbe72ba4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 130 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52ef9f33cdc2e8db9ca26a47ef7ab531704d46df0a41a4d2dc1674bbec2c65bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7bfaa0297903fa6d291c8644972e998cccf99320951c07d9a70ca6d13d42e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 275be2c7a3483486f1cc5ce3f37b50cd2e708d08d42ecbfc1a5e4defd712816f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 136 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca014dcee5d093cf8c04e9074e0f339484f863977c33ecb83e64664f5d732a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d314c86c0f0f0426a832d63996e043fd3c4aee476be12c62915c479460a8411

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK comviews.png
businessua.com/templates/default/images/icons/ 141 B
378 B 64ms
64ms Image
image/png 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/templates/default/images/icons/comviews.png
Requested by: Host: businessua.com
URL: http://businessua.com/templates/default/css/main.css?v=201303221533
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: 38b185696f18bcbfb77b97882a86f29fc326f44bbc7e46bde2969d904a8407e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/templates/default/css/main.css?v=201303221533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:25 GMT
Server: nginx/1.12.1
ETag: "5158def9-8d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa5909019842e1ae38cd0b218c7550806707388ea19a279d41a2913d1f9c9dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72ca6693dd9a9d65b48392f863320aa4ded0b042ab3b8d06e33aa5beb5ace7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK nav-arr-black-left.png
businessua.com/templates/default/images/ 110 B
347 B 97ms
97ms Image
image/png 91.210.190.92
AS-EKVIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://businessua.com/templates/default/images/nav-arr-black-left.png
Requested by: Host: businessua.com
URL: http://businessua.com/templates/default/css/main.css?v=201303221533
Protocol: HTTP/1.1
Server: 91.210.190.92 , Bulgaria, ASN48440 (AS-EKVIA, BG),
Reverse DNS: internetmedia.ua
Software: nginx/1.12.1 /
Resource Hash: f8ee431f1a979a82ead17921fa698a59f07b7cecd81a0f9a124130de446d4212

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/templates/default/css/main.css?v=201303221533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Last-Modified: Mon, 01 Apr 2013 01:12:18 GMT
Server: nginx/1.12.1
ETag: "5158def2-6e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame F43E 10 KB
5 KB 37ms
9ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 12:30:22 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 12:30:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
scripts.go2net.com.ua/scripts3/61391/ Frame D4AE 738 B
521 B 23ms
22ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/c.html?b=61391
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:22 GMT
etag: W/"64db3e64-2e2"
expires: Thu, 15 Aug 2024 12:58:00 GMT
last-modified: Tue, 15 Aug 2023 08:59:16 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2023-08-19T12:58:29+00:00
x-id: fr5-hw-edge-gc27
x-id-fe: fr5-hw-edge-gc27

GET
H2 200 01222d9d83294580d42d.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 37 KB
14 KB 24ms
24ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/01222d9d83294580d42d.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7746193042c3e083de7d669d7f12db1d6900329d6852ef70ccd242ad1b7ac201

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:04 GMT
server: nginx
etag: W/"64db3e58-9501"
vary: Accept-Encoding
x-cached-since: 2023-08-20T06:44:01+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Fri, 16 Aug 2024 06:43:59 GMT

GET
H2 200 03614ae80c9bdf7f3ef0.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 78 KB
20 KB 23ms
23ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/03614ae80c9bdf7f3ef0.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 89bdeccf0543282acb2c83614c02dffb38b872230cfc23a008cd5bb70b538015

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:04 GMT
server: nginx
etag: W/"64db3e58-13870"
vary: Accept-Encoding
x-cached-since: 2023-08-20T06:44:01+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Fri, 16 Aug 2024 06:43:59 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/61391/ Frame D22F 738 B
520 B 14ms
13ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/61391/c.html?b=61391
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:22 GMT
etag: W/"64db3e64-2e2"
expires: Sat, 17 Aug 2024 09:41:43 GMT
last-modified: Tue, 15 Aug 2023 08:59:16 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2023-08-17T09:41:43+00:00
x-id: fr5-hw-edge-gc15
x-id-fe: fr5-hw-edge-gc15

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 308 KB
87 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=c0b49324db02d77031de701926944254

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52c69a9e19f7dfc17f594b8b0c2b16a319e55b9f1c85d3c0f8f6e99cc84b25d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://businessua.com/
Origin: http://businessua.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 06:35:22 GMT
content-md5: lQ1XottJfpX47bayR63AtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89044
x-fb-debug: CkmloO7z4A87etmmzzS5pI/F/5tYPFJOwNBBlFZX3T/tMPQVoWPzHySnHpup0yqOch+CsbnQXkfjUFHfuHid/w==
x-fb-content-md5: e40deddd21e9a5017c6d453ddf5da527
cross-origin-opener-policy: same-origin-allow-popups
etag: "f77588bb86568dc0965169810df78409"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 20 Aug 2024 05:45:37 GMT

GET
H/1.1 200
OK getdata Show response
api.phoenix-widget.com/api/v2/ 11 KB
12 KB 511ms
478ms XHR
application/json 143.244.196.143
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://api.phoenix-widget.com/api/v2/getdata?callback=phoenix19137&site_id=60c30833cfbe90fe5ed278a0&widget_id=60c308ec18af9c97bea77370&puid=d2f2e53cce3a368bf03da73a&url=http://businessua.com/&preview=false
Requested by: Host: phoenix-widget.com
URL: http://phoenix-widget.com/static/js/jsonp_v3.js
Protocol: HTTP/1.1
Server: 143.244.196.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 124eacdf42d3e77a5f673116c002b35864d1b19736bc30bf4be913635857d7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Amp-Same-Origin: true
Etag: "cc5482d5c3227524b907df5b141715c0be2b77e8"
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: http://businessua.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *
Content-Length: 11373

GET
H/1.1 200
OK logo-t2.png
sinst.fwdcdn.com/img/informers/ 1 KB
2 KB 7ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/logo-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 12:47:34 GMT
Server: nginx
ETag: "5746f066-512"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1298
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H/1.1 200
OK hlc-t2.png
sinst.fwdcdn.com/img/informers/ 181 B
528 B 15ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/hlc-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Wed, 05 Nov 2014 09:28:02 GMT
Server: nginx
ETag: "5459eda2-b5"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H/1.1 200
OK term-t2.png
sinst.fwdcdn.com/img/informers/ 406 B
754 B 15ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/term-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 12:47:34 GMT
Server: nginx
ETag: "5746f066-196"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 406
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H/1.1 200
OK s-informers-t2.png
sinst.fwdcdn.com/img/informers/ 33 KB
33 KB 16ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/s-informers-t2.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 12:47:34 GMT
Server: nginx
ETag: "5746f066-8433"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33843
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H/1.1 200
OK s-wind2.png
sinst.fwdcdn.com/img/informers/ 185 B
532 B 15ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/s-wind2.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: b56fd6fba6303d72dda87e55ce9bb70fdf0376de22e9d981e8d6fcc7f65f5c7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 12:47:34 GMT
Server: nginx
ETag: "5746f066-b9"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H/1.1 200
OK frc-t1.png
sinst.fwdcdn.com/img/informers/ 155 B
502 B 15ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 12:47:34 GMT
Server: nginx
ETag: "5746f066-9b"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H/1.1 200
OK flc-t1.png
sinst.fwdcdn.com/img/informers/ 148 B
495 B 12ms
7ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by: Host: sinst.fwdcdn.com
URL: http://sinst.fwdcdn.com/css/informers2.css?v=1
Protocol: HTTP/1.1
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
X-Server-By: sinfe3
Last-Modified: Thu, 26 May 2016 12:47:34 GMT
Server: nginx
ETag: "5746f066-94"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148
Expires: Tue, 20 Aug 2024 06:35:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPPMMRPT1D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-29115103-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daffe282d5d0945f881b2aaa48e24dbf4531056c6ff48550244031639d74dd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 06:35:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-29115103-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 05:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2739
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 21 Aug 2023 07:49:43 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886
https://counter.yadro.ru/hit?t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886
https://counter.yadro.ru/hit?q;t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886

224 B
710 B

52ms
52ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

1e6cf9b4f56e26a01392796896866f67883feefb779236dd5bbc766b2ca31466

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:22 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 224
Expires: Sat, 20 Aug 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:22 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t19.11;r;s1600*1200*24;uhttp%3A//businessua.com/;0.4307816316238886
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 20 Aug 2022 21:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f980f2a9/www-widgetapi.vflset/ 209 KB
65 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f980f2a9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

386cffc306300930d11390e7ef3b437fe902b5d7363167fa2f1f33d8dcacf5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 04:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66015
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 03:39:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Aug 2024 04:21:47 GMT

POST
H/1.1 200 z1UERq59FNsW4z8TSwPoY3IxyGhBxerQ6N66OcLuVwW3_ZQRnhzTwEJppKPkCCGD-75u1V2JAbLcKxDvn8ZWuXZR2yiTqx-cneHU2z9-MeYHpIbo_VSPKr92jzsmCIOa7rfJwKIAhdWUNsLB3DfdTU9XoYQmUK3O8I4D-cfUb5OHHD-YW2Vda_Mtlfi7LRhHAMRdf... Show response
servetraff.com/ 621 B
1 KB 31ms
31ms XHR
application/json 65.21.224.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servetraff.com/z1UERq59FNsW4z8TSwPoY3IxyGhBxerQ6N66OcLuVwW3_ZQRnhzTwEJppKPkCCGD-75u1V2JAbLcKxDvn8ZWuXZR2yiTqx-cneHU2z9-MeYHpIbo_VSPKr92jzsmCIOa7rfJwKIAhdWUNsLB3DfdTU9XoYQmUK3O8I4D-cfUb5OHHD-YW2Vda_Mtlfi7LRhHAMRdfjWw8IxWYY0aRnQvknNaJaDlSrWVF10w0wAWoXvH2sNJ1QIncQEpo9z0vvqklRx09B97_VAF9hVNNsysyNJIhSPDSPvtNUa-sZ1PJ2AFBIFsIJLZUiod6vy3V0Zbn9xxbz3hokFry4_Dz6puBcUc5WBf4owC5eYFdcrIGmsVIl0ySz6L51Cs677b83ZLuV1qNaLf7X59KqvUUXmi5rDoJD3izujPDr8zn_sWfItHvcg_H-lhB_tU1nx4yJt56tA?
Requested by: Host: servetraff.com
URL: https://servetraff.com/44fdb324.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.224.187 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.224.21.65.clients.your-server.de
Software: /
Resource Hash: 9e0741dd15bb9e17e10391c78a7a202d7d11aae647ce3ca2dac1cedb6619adcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:21 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: http://businessua.com
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 621
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
609 B 54ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=businessua.com&callback=_gfp_s_&client=ca-pub-4577254435597104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=businessua.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d41f2f63ffbb0eb141c567d7b8ad4d34be560310bbf8fb8066e57dde2d41cee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F71 0
188 B 144ms
143ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&adk=4241144050&adf=1459063552&lmt=1692592522&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&pra=5&wgl=1&dt=1692599722338&bpp=9&bdt=398&idt=296&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7762022059180&frm=20&pv=2&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=329

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:22 GMT
expires: Mon, 21 Aug 2023 06:35:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 50ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=348298842028226&ev=fb_page_view&dl=http%3A%2F%2Fbusinessua.com%2F&rl=&if=false&ts=1692599722681&sw=1600&sh=1200&at=

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 21 Aug 2023 06:35:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200 zP2fZGRoCCbhiXDaCcMLq6pyrqpXHnwL67GSpV29mh4JTNVpJckjdCm9k4J6Jj80A0DGa1fl7PA6UI1TNi1Zikj2a7U6JoWY4IdOfvGdMzCBvvfOhrWULLOHCt6UxUhkK6Z10o_Su1saYtXlQNxaSXjNkp_qOZzjwmit6-zXf2tDXAutf13HN6bPOGrXAi9kMNOG4...
servetraff.com/ 49 B
512 B 33ms
32ms Image
image/gif 65.21.224.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servetraff.com/zP2fZGRoCCbhiXDaCcMLq6pyrqpXHnwL67GSpV29mh4JTNVpJckjdCm9k4J6Jj80A0DGa1fl7PA6UI1TNi1Zikj2a7U6JoWY4IdOfvGdMzCBvvfOhrWULLOHCt6UxUhkK6Z10o_Su1saYtXlQNxaSXjNkp_qOZzjwmit6-zXf2tDXAutf13HN6bPOGrXAi9kMNOG4QcQy86GPb7nf4jSGZfg6H87cPay7RrH2sGDI8TpSAavdDkrFq8gfZ2mGNUDXfWtzQpAUOtLi0wQi638YR18QSapX6F7-cXLTXIkr2Ylei3FgZZzvuWRgm8wGTVk4xu8Tm_5CuNL7GQs22PF4PL7OpUc75GSO7vNZBt1BaUDlTwP18pd-hKVpizQZ3I8NaDPypkYsoE2jaBiV-w?DC=HZFI
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.224.187 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.224.21.65.clients.your-server.de
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
last-modified: Fri, 18 Aug 2023 12:26:48 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1692361608000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 49ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EPPMMRPT1D&gtm=45je38g0&_p=934380263&cid=940178178.1692599723&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1692599722&sct=1&seg=0&dl=http%3A%2F%2Fbusinessua.com%2F&dt=%D0%91%D1%96%D0%B7%D0%BD%D0%B5%D1%81%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20%D0%91%D1%96%D0%B7%D0%BD%D0%B5%D1%81%20UA&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPPMMRPT1D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://businessua.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4506 106 KB
37 KB 479ms
478ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=60&slotname=5382810768&adk=4068248796&adf=2830180937&pi=t.ma~as.5382810768&w=468&lmt=1692592522&url=http%3A%2F%2Fbusinessua.com%2F&wgl=1&dt=1692599722319&bpp=41&bdt=379&idt=394&shv=r20230816&mjsv=m202308150101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=7762022059180&frm=20&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=560&ady=832&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578%2C44800467&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=IOGzZdTret&p=http%3A//businessua.com&dtd=398

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdc53b171ad9fd2178fcbda5bc5dfcfdb97d9c68715e0938897b2a0be419d62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Mon, 21 Aug 2023 06:35:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dsp.aspx Show response
ads.go2net.com.ua/ 9 KB
3 KB 65ms
13ms Script
application/javascript 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9807910574238256&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22118c5dfe-8d5e-9b14-7a9e-4dcc4ee6dd72%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22128b804d-2c46-7ae0-e21a-19b9c54f4d64%22%2C%22tagid%22%3A%222c065325-08ba-4ef8-bd05-2ff75aca182a%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_2c06532508ba4ef8bd052ff75aca182a_zone_13111_sect_3964_site_3534%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

2514118d56b941acd4b49ceda428af6a0211b20e7e7514a667330411c28fe295

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 3026
x-xss-protection: 0

GET
H2 200 dsp.aspx Show response
inv-nets.admixer.net/ 11 KB
3 KB 57ms
28ms Script
application/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=6349532496109804&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22e8d1ec1b-9815-be3b-774d-880fd2c79e7b%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227d8a6bb0-1920-436c-f385-bf2e45f5f15e%22%2C%22tagid%22%3A%22f908f676-c639-4e79-a9c4-e17a0b475084%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_f908f676c6394e79a9c4e17a0b475084_zone_2589_sect_362_site_362%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22d7b360c3-5b7a-9b92-9a32-102df81f8872%22%2C%22tagid%22%3A%229926893a-1688-4dd9-afb4-d173bd8a3a4d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9926893a16884dd9afb4d173bd8a3a4d_zone_3640_sect_362_site_362%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%228f720bda-871b-f7e0-3491-a0797ed5799a%22%2C%22tagid%22%3A%226037660f-2a55-48a2-a35a-18f210643bbc%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_6037660f2a5548a2a35a18f210643bbc_zone_6051_sect_362_site_362%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

05caeeef9ae71fa3c6b712ab18e22b95059b3fe68451f031b589cb9abb6f7ca1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 2830
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 16ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=934380263&t=pageview&_s=1&dl=http%3A%2F%2Fbusinessua.com%2F&ul=en-us&de=windows-1251&dt=%D0%91%D1%96%D0%B7%D0%BD%D0%B5%D1%81%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%7C%20%D0%91%D1%96%D0%B7%D0%BD%D0%B5%D1%81%20UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1720799796&gjid=1988195990&cid=940178178.1692599723&tid=UA-29115103-1&_gid=1429829842.1692599723&_r=1&gtm=457e38g0&jsscut=1&z=150528941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://businessua.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A79 121 KB
40 KB 396ms
396ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=1085498814&adk=983172006&adf=20896475&pi=t.ma~as.1085498814&w=240&lmt=1692592522&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&wgl=1&dt=1692599722537&bpp=1&bdt=597&idt=201&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5382810768&nras=1&correlator=7762022059180&frm=20&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1R9PigiGmM&p=http%3A//businessua.com&dtd=203

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f553645b1ae8bb42c524645dd6864ed03b7112b169fc177a74bef5dc192c368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Mon, 21 Aug 2023 06:35:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0d11748832caddd96690.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 28 KB
11 KB 21ms
20ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/0d11748832caddd96690.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:05 GMT
server: nginx
etag: W/"64db3e59-702f"
vary: Accept-Encoding
x-cached-since: 2023-08-17T08:28:34+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Sat, 17 Aug 2024 08:28:34 GMT

GET
H2 200 658a385fec78f0e1897f.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 42 KB
18 KB 24ms
23ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/658a385fec78f0e1897f.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:10 GMT
server: nginx
etag: W/"64db3e5e-a793"
vary: Accept-Encoding
x-cached-since: 2023-08-17T08:28:34+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Sat, 17 Aug 2024 08:28:34 GMT

GET
H2 200 8b73097df909af36f72d.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 13 KB
5 KB 31ms
30ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/8b73097df909af36f72d.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:12 GMT
server: nginx
etag: W/"64db3e60-326c"
vary: Accept-Encoding
x-cached-since: 2023-08-17T08:28:34+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Sat, 17 Aug 2024 08:28:34 GMT

GET
H2 200 b9ab3f9972863fcb32ae.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 11 KB
4 KB 36ms
36ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/b9ab3f9972863fcb32ae.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f930509ebac4d0fe907137b7d065293ffb589ffa3b25c5022a82c28fb3510c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:15 GMT
server: nginx
etag: W/"64db3e63-2a79"
vary: Accept-Encoding
x-cached-since: 2023-08-17T08:28:35+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Sat, 17 Aug 2024 08:28:35 GMT

GET
H2 200 ebbf73168cc26c2e1df5.b.js Show response
scripts.go2net.com.ua/scripts3/61391/ 221 KB
76 KB 19ms
18ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/ebbf73168cc26c2e1df5.b.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 036742a67d055b068e8aa8641fbc5fc15faa8ccb4a2c454fbc476467000bb082

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:19 GMT
server: nginx
etag: W/"64db3e67-37353"
vary: Accept-Encoding
x-cached-since: 2023-08-17T08:28:35+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-id-fe: fr5-hw-edge-gc27
expires: Sat, 17 Aug 2024 08:28:35 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 86ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/61391/01222d9d83294580d42d.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://businessua.com
date: Mon, 21 Aug 2023 06:35:22 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 85ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/61391/01222d9d83294580d42d.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://businessua.com
date: Mon, 21 Aug 2023 06:35:22 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 92ms
26ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/61391/01222d9d83294580d42d.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://businessua.com
date: Mon, 21 Aug 2023 06:35:22 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 85ms
28ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D66d39a21-69dc-4000-8ee6-093fb8ba95a2%26id%3D%24UID
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

18ms
17ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT, Mon, 21 Aug 2023 06:35:22 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Mon, 21 Aug 2023 06:35:22 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 match
dm-eu.hybrid.ai/ 0
281 B 66ms
17ms Image
text/plain 37.230.131.16
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=128&vid=ef9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: http://businessua.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 530
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 /
s-cs.rmp.rakuten.com/ 43 B
309 B 62ms
22ms Image
image/gif 34.95.81.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-cs.rmp.rakuten.com/?d=40&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.81.95.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
via: 1.1 google
x-envoy-upstream-service-time: 9
server: istio-envoy
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTEwMjg3ODAtNjhCMy00MzNBLTg2MjItNTgyOUMxRUIyRDNG&gdpr=-1&gdpr_consent={consent}
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent={consent}
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=%7Bconsent%7D&partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26...
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=51028780-68B3-433A-8622-5829C1EB2D3F

43 B
314 B

18ms
18ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=51028780-68B3-433A-8622-5829C1EB2D3F

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=51028780-68B3-433A-8622-5829C1EB2D3F
date: Mon, 21 Aug 2023 06:35:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEK_fYmyYWFC4uAEDN3kyUes&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9

35 B
349 B

33ms
17ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H2

200

/
ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/
Redirect Chain

https://ks-match.admixer.net/?am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&site=90CA6F81-66E0-406E-97BC-7925D4BFDD2C&ip=80.255.10.202&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleW...
https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0

0
62 B

53ms
22ms

Image
text/plain

146.0.227.98
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 146.0.227.98 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
keep-alive: timeout=25
content-length: 0

Redirect headers

location: //ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com?write-to-ch=0
date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
keep-alive: timeout=25
content-length: 0

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/setuid?entity=533&code=ef9f601d57fe4b11b5c5faa3947ff8e9
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Def9f601d57fe4b11b5c5faa3947ff8e9

43 B
687 B

23ms
23ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Def9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
an-x-request-uuid: e8349a7b-636a-46cc-93a7-9f2538d1311b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
an-x-request-uuid: 0b3fd6e0-90b6-4228-b2eb-882b4de506b2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Def9f601d57fe4b11b5c5faa3947ff8e9
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEMJU7itI_aktOckdVV5BTUM&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9

35 B
349 B

77ms
18ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

42 B
942 B

45ms
39ms

Image
image/gif

18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

HTTP/1.1

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-00c5a57fc.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9ipnIhBoQOg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0e03aa7e8.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: dd9g1Z5uRbI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEPHOeV-AqmfgHtvQ3BBCYI&google_cver=1

43 B
313 B

25ms
25ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEPHOeV-AqmfgHtvQ3BBCYI&google_cver=1

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEPHOeV-AqmfgHtvQ3BBCYI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie
cm.adform.net/ 43 B
105 B 26ms
25ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fads.smn.rs%2Fadxcm.aspx%3Fssp%3D66d39a21-69dc-4000-8ee6-093fb8ba95a2%26id%3D%24UID
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
41 KB 83ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Aug 2023 06:35:22 GMT

GET
H2

200

786defbc5f2dbc35 Show response
ads.us.e-planning.net/uspd/1/ Frame FAE1
Redirect Chain

https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID

3 KB
1 KB

19ms
19ms

Document
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by: Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9807910574238256&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22118c5dfe-8d5e-9b14-7a9e-4dcc4ee6dd72%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22128b804d-2c46-7ae0-e21a-19b9c54f4d64%22%2C%22tagid%22%3A%222c065325-08ba-4ef8-bd05-2ff75aca182a%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_2c06532508ba4ef8bd052ff75aca182a_zone_13111_sect_3964_site_3534%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 432a5917e5be5301a520ddedea696ec8369542d0f1242539fc301f92a55b8956

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:22 GMT
expires: Mon, 21 Aug 2023 06:35:22 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Mon, 21 Aug 2023 06:35:22 GMT
location: /uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 01EC 3 KB
2 KB 106ms
30ms Document
text/html 2a0c:5c87:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=707176
Requested by: Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9807910574238256&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22118c5dfe-8d5e-9b14-7a9e-4dcc4ee6dd72%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22128b804d-2c46-7ae0-e21a-19b9c54f4d64%22%2C%22tagid%22%3A%222c065325-08ba-4ef8-bd05-2ff75aca182a%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_2c06532508ba4ef8bd052ff75aca182a_zone_13111_sect_3964_site_3534%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5160::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6641a317329e8b849784685cb7f2f362837a24145fdbfe25b1fe16f8cc7cb857

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://businessua.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1389
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:21 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 204
No Content mmr445.gif
us.ck-ie.com/ 0
129 B 307ms
93ms Image
text/plain 8.2.108.175
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H2

200

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://pixel-eu.onprospects.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer%26gdpr%3D%25gdpr%26gdp...
https://pixel-eu.onaudience.com/?partner=273&smartmap=1&gdpr=&gdpr_consent=&redirect=x.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3D%25_rid%26ssp%3Dadmixer%26gdpr%3D%25gdpr%26gdpr...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=39d1cbc10696232e/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D270%26expires%3D10%26user_id%3DNrGB8F9IYRQbjhjbaURUXYXn%26ssp%3Dadmixer...
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=NrGB8F9IYRQbjhjbaURUXYXn&ssp=admixer&gdpr=&gdpr_consent=
https://inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=

43 B
314 B

14ms
13ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
349 B 97ms
17ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1&rts=-6038073696628279715
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c

43 B
314 B

19ms
18ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1

43 B
766 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58613/ 0
125 B 74ms
15ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58613/occ

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/
Redirect Chain

https://ks-match.admixer.net/?am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&site=9FDD1D39-D632-4A1F-A6F6-008584274F13&ip=80.255.10.202&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleW...
https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0

0
61 B

11ms
11ms

Image
text/plain

146.0.227.98
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 146.0.227.98 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
keep-alive: timeout=25
content-length: 0

Redirect headers

location: //ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com?write-to-ch=0
date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
keep-alive: timeout=25
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ 35 B
467 B 80ms
22ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60022&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066

43 B
314 B

25ms
20ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store no-transform
server: nginx
content-length: 190
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ 0
0 415ms
22ms Image
text/html 185.83.69.18
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.18 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2

200

cs
cs.yellowblue.io/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Def9f601d57fe4b11b5c5faa3947ff8e9
https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9

0
320 B

132ms
34ms

Image
application/javascript

54.77.204.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 54.77.204.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-204-84.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: http://businessua.com/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9
date: Mon, 21 Aug 2023 06:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 100
content-type: text/html; charset=utf-8

GET
H2

200

pic.gif
pa.tns-ua.com/bug/
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZA34D5DA4BFE4E979CA1DEB100B21A27&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9

56 B
174 B

38ms
37ms

Image
image/gif

194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZA34D5DA4BFE4E979CA1DEB100B21A27&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
expires: -1

Redirect headers

location: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZA34D5DA4BFE4E979CA1DEB100B21A27&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache
server: nginx/1.13.0
content-length: 0
expires: -1

GET
H2

200

admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=ef9f601d57fe4b11b5c5faa3947ff8e9
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=ef9f601d57fe4b11b5c5faa3947ff8e9

43 B
130 B

13ms
12ms

Image
image/gif

49.12.83.94
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 49.12.83.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.94.83.12.49.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-length: 122
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content sfaf25.gif
us.ck-ie.com/ 0
129 B 174ms
92ms Image
text/plain 8.2.108.175
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/sfaf25.gif?puid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1 200
OK 1px-matching-go2net.gif
m.trafmag.com/images/ 35 B
207 B 23ms
20ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
904 B 1579ms
248ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21-Aug-2023 15:35:24 +0900
Content-Type: image/gif;
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Def9f601d57fe...
https://x.bidswitch.net/sync?ssp=lemma&user_id=e8234bbe-3fec-11ee-a4de-801844df0ab8

43 B
145 B

16ms
9ms

Image
image/gif

3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=lemma&user_id=e8234bbe-3fec-11ee-a4de-801844df0ab8
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
vary: Origin
content-type: text/html; charset=utf-8
location: //x.bidswitch.net/sync?ssp=lemma&user_id=e8234bbe-3fec-11ee-a4de-801844df0ab8
cache-control: no-cache, no-store, must-revalidate
content-length: 104
expires: 0

GET
H/1.1 200
OK 32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 42 B
510 B 289ms
91ms Image
image/gif 8.2.110.206
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=ef9f601d57fe4b11b5c5faa3947ff8e9&redir=[RED]
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx/1.24.0
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 22ms
21ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Aug 2023 06:35:23 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 loader2.js Show response
scripts.go2net.com.ua/scripts3/ Frame 0B31 178 KB
56 KB 20ms
20ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fffa5f4ec639b79d01e8eea7483dcc39cecc151e0399aa2f668f3e3e8b706a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: fr5-hw-edge-gc27
date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2023 08:59:00 GMT
server: nginx
etag: W/"64db3e54-2c649"
x-cached-since: 2023-08-18T16:58:09+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
cross-origin-resource-policy: cross-origin
x-id-fe: fr5-hw-edge-gc27
expires: Fri, 18 Aug 2023 17:08:09 GMT

GET
H2 200 ev_view.aspx
inv-nets.admixer.net/ 43 B
190 B 10ms
10ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&cet=4&zone=6037660F-2A55-48A2-A35A-18F210643BBC&rule=EAF407D0-C3AD-4765-9FBE-9386704F2895&requestId=50f6cc9d-3ff7-435a-b16e-0d7e3408756c&hp=117228568&page=businessua.com%2F&pvid=71dce052-35ea-4ed1-94b1-60778f802f88&inst=ADS-EU-4&ts=638281965227597644&sf=0

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

GET
H2 204 ev_prebid.aspx
inv-nets.admixer.net/ 0
125 B 12ms
10ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&zone=9926893A-1688-4DD9-AFB4-D173BD8A3A4D&device=28&rule=33035D98-F054-4B1A-BEA4-8CDB254B6AD9&requestId=15adf83c-1720-41a5-bfb5-12c08b7e0b41&hp=117228568&page=businessua.com%2F&segments=1%2C4%2C489&ts=638281965227597644&ap=MA%3D%3D&asign=151599890&sync=88%2C126%2C125&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-4&pxl=0&pvid=71dce052-35ea-4ed1-94b1-60778f802f88&ip=80.255.10.202&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:22 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H2 204 ev_prebid.aspx
inv-nets.admixer.net/ 0
125 B 26ms
25ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&zone=9926893A-1688-4DD9-AFB4-D173BD8A3A4D&device=28&rule=ADE861B3-EDBC-4AC5-80B5-66123FFCB502&requestId=15adf83c-1720-41a5-bfb5-12c08b7e0b41&hp=117228568&page=businessua.com%2F&segments=489%2C1%2C4&ts=638281965227597644&ap=MA%3D%3D&asign=151599890&sync=88%2C126%2C125&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-4&pxl=0&pvid=71dce052-35ea-4ed1-94b1-60778f802f88&ip=80.255.10.202&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:22 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H2 200 c.html Show response
scripts.go2net.com.ua/scripts3/61391/ Frame 699F 738 B
407 B 19ms
18ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/c.html?b=61391
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:22 GMT
etag: W/"64db3e64-2e2"
expires: Thu, 15 Aug 2024 12:58:00 GMT
last-modified: Tue, 15 Aug 2023 08:59:16 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2023-08-19T12:58:29+00:00
x-id: fr5-hw-edge-gc27
x-id-fe: fr5-hw-edge-gc27

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 98D0 145 KB
50 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc97be0205a0dc59b10bb3a53575a548b7ba1ffadc16aeae7756831647cc859c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50783
x-xss-protection: 0
server: cafe
etag: 4811405514516425422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 204 ev_prebid.aspx
inv-nets.admixer.net/ 0
125 B 11ms
10ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&zone=F908F676-C639-4E79-A9C4-E17A0B475084&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=2f28fa65-0d45-4e93-bff1-83d99b8a0dca&hp=117228568&page=businessua.com%2F&segments=1%2C4%2C489&ts=638281965227597644&ap=MA%3D%3D&asign=-148208943&sync=88%2C126%2C125&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-4&pxl=0&pvid=71dce052-35ea-4ed1-94b1-60778f802f88&ip=80.255.10.202&item=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&crid=2C5EF17D-B996-4A90-AEDF-0FF46DF1CE39&size=350x240&profile=A0E4EF3E-1F40-4319-A1CF-B36A82B3ABD5&isopt=0&adv=N%2FA&dsp=Admixer+Display&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:22 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H2 200 ev_view.aspx
inv-nets.admixer.net/ 43 B
190 B 11ms
11ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&cet=4&zone=F908F676-C639-4E79-A9C4-E17A0B475084&rule=753B1D54-DC79-47B3-BD71-2DCFE31C80F6&requestId=2f28fa65-0d45-4e93-bff1-83d99b8a0dca&hp=117228568&page=businessua.com%2F&pvid=71dce052-35ea-4ed1-94b1-60778f802f88&inst=ADS-EU-4&ts=638281965227597644&sf=0

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame FAE1 0
187 B 61ms
16ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D437f72dac62c6c49
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 400
Bad Request pbs.gif
sync.admanmedia.com/ Frame FAE1 20 B
20 B 300ms
91ms Image
text/plain 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D437f72dac62c6c49%26uid%3D%5BUID%5D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 prebid
rtb.openx.net/sync/ Frame FAE1 43 B
245 B 49ms
20ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D437f72dac62c6c49%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame FAE1 566 B
521 B 62ms
17ms Script
application/x-javascript 193.3.178.1
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 19 Aug 2028 06:35:22 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame FAE1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D437f72dac62c6c49%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769

42 B
104 B

66ms
18ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
an-x-request-uuid: 64c8b214-85aa-48e3-9ded-3d15e6448e62
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame FAE1
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D437f72dac62c6c49%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

42 B
103 B

18ms
18ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 200 us
sync.go.sonobi.com/ Frame FAE1 0
400 B 315ms
100ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D437f72dac62c6c49%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-183
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

400

um
u-ams03.e-planning.net/ Frame FAE1
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49

0
0

21ms
20ms

Image
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49
date: Mon, 21 Aug 2023 06:35:23 GMT
server: fasthttp
content-length: 0

GET
H2 200 c.html Show response
scripts.go2net.com.ua/scripts3/61391/ Frame 0C29 738 B
407 B 21ms
21ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.go2net.com.ua/scripts3/61391/c.html?b=61391
Requested by: Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:22 GMT
etag: W/"64db3e64-2e2"
expires: Thu, 15 Aug 2024 12:58:00 GMT
last-modified: Tue, 15 Aug 2023 08:59:16 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2023-08-19T12:58:29+00:00
x-id: fr5-hw-edge-gc27
x-id-fe: fr5-hw-edge-gc27

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5942
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

66ms
23ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1798 15 KB
6 KB 95ms
15ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum.casalemedia.com/ Frame 5B89
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1

2 KB
3 KB

14ms
13ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 30f762bb88e7ad6754ff9638fed1a145d4faaf40932ad4a44ee6e837570d3363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1849
Content-Type: text/html
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame C5BF 1 KB
998 B 69ms
11ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 214e3772239a51f28bbf4d70e752451d
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 2AB4 0
0 44ms
12ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 3F22 8 KB
2 KB 80ms
45ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b6d9af90c58d96a590b88654d83e13d123afb1579fed0708ba4de2e8db587d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7fa0db0cd90d4da6-FRA
content-encoding: br
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H2 200 dsp.aspx Show response
ads.go2net.com.ua/ 8 KB
3 KB 12ms
12ms Script
application/javascript 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3739323555756537.5&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22847481cf-2d47-84fc-305e-2f327aaacccf%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d5fee4f-d63f-0d83-7fad-4189d3199cf5%22%2C%22tagid%22%3A%22864179e2-8571-48eb-841c-bca0cd1d9c3e%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_218111201%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

7de6e97ff042d5233cc48cc4808d5f1f48f5a4a44a73b825fe8f86a2e13759a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
server: nginx
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NID DSP ALL COR"
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 2412
x-xss-protection: 0

GET
H2 204 d
ic.tynt.com/r/ Frame 94B8 0
0 329ms
104ms Document
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame B81C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769

43 B
456 B

283ms
90ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:22 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 35e656f0-4a50-49ae-955a-df5f96aea6af
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame C086 0
0 33ms
11ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
ads.us.e-planning.net/uspd/1/ Frame 30D5 3 KB
1 KB 20ms
20ms Document
text/html 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2c559b652b9464a184116bd83748f9a6f29ad64f70eb4d1926e57b240e28799e

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:22 GMT
expires: Mon, 21 Aug 2023 06:35:22 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 18EA 2 KB
1 KB 433ms
22ms Document
text/html 185.83.69.18
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.18 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 884
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 728D 2 KB
1 KB 25ms
20ms Document
text/html 2a0c:5c87:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5160::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 874
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 63E3 15 KB
6 KB 75ms
14ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 01EC 0
277 B 73ms
22ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Aug 2023 06:35:23 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 01EC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769

43 B
456 B

293ms
90ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 73a34a71-c648-404b-b5ce-7d99ee5539ac
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
vid.vidoomy.com/ Frame 01EC 0
0 97ms
18ms Image
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 01EC
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7

43 B
473 B

273ms
90ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 01EC
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1eada23a-6f13-4b6a-a53b-bce79e765870

43 B
473 B

253ms
89ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1eada23a-6f13-4b6a-a53b-bce79e765870
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=1eada23a-6f13-4b6a-a53b-bce79e765870
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 01EC 43 B
320 B 308ms
89ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 01EC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1692599723061
https://ad.turn.com/r/cs?pid=45&rndcb=1365395517
https://sync.1rx.io/usersync/turn/7184923818344317381?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7bd7c504-4654-4feb-816c...
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003

43 B
480 B

86ms
86ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7bd7c50446544feb816c0f6fb7e4c26c003
content-type: text/html

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 01EC
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9

43 B
469 B

90ms
89ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame 30D5 0
187 B 17ms
17ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D437f72dac62c6c49
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 400
Bad Request pbs.gif
sync.admanmedia.com/ Frame 30D5 20 B
20 B 279ms
91ms Image
text/plain 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D437f72dac62c6c49%26uid%3D%5BUID%5D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 30D5 43 B
103 B 30ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D437f72dac62c6c49%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 30D5 566 B
520 B 28ms
16ms Script
application/x-javascript 193.3.178.1
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 19 Aug 2028 06:35:22 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 30D5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D437f72dac62c6c49%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769

42 B
103 B

30ms
22ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: a0de1669-73c6-4e5e-a5ff-fc105b0cba90
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=437f72dac62c6c49&uid=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 30D5
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D437f72dac62c6c49%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

42 B
103 B

60ms
60ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=437f72dac62c6c49&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 200 us
sync.go.sonobi.com/ Frame 30D5 0
400 B 228ms
101ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D437f72dac62c6c49%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-214
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

400

um
u-ams03.e-planning.net/ Frame 30D5
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49

0
0

21ms
21ms

Image
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49
date: Mon, 21 Aug 2023 06:35:23 GMT
server: fasthttp
content-length: 0

OPTIONS
H/1.1 204
No Content stats
stats.phoenix-widget.com/ Frame 0
0 96ms
23ms Preflight
text/plain 188.166.37.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.phoenix-widget.com/stats
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.37.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://businessua.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx/1.10.3 (Ubuntu)

POST
H3 200 collect Show response
www.google-analytics.com/ 35 B
55 B 45ms
21ms XHR
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: phoenix-widget.com
URL: http://phoenix-widget.com/static/js/jsonp_v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: http://businessua.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK stats Show response
stats.phoenix-widget.com/ 0
356 B 31ms
27ms XHR
text/plain 188.166.37.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.phoenix-widget.com/stats
Requested by: Host: phoenix-widget.com
URL: http://phoenix-widget.com/static/js/jsonp_v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.37.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Aug 2023 06:35:23 GMT
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 imp
notify.mgid.com/phoenix_native/ 43 B
167 B 395ms
125ms Image
image/gif 64.58.116.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notify.mgid.com/phoenix_native/imp?e=ug9ZaweEEojs0OcFDO6hKjmFZ7DSJUP6nSQBsCDNyI52n2lP9_vWL-w2xF8wlczYhYCCwT-E0mo2Ms8T1ElozIpSWbRW_QwK-bFXHz5JgdpSXnlRcop2K4QJb5DhWES6YwgVt-OU8fCyShG9wQ0t0dZ09MT_VRYmCNL1VNNScXVkmY3x8G7N5dYi_m2oanF7u0XYmngMZKfo0wuBJ6dRZp-GHnsp8SMOl6jl-FKk0M3LQZWQ6SKgF1XQ-fRfYobXMwd6cODGPn6qyxsAsLV-QU2kys2onDpFykvhDtuE_obnCssMruyQWSDIVEx8Y2imahIwBwXtG5Di4iYEKQpIGwP24oG-mlPINvDCGrSU3us7PMM5Auy5M1hjDMP-l_FWkXXWyHmyF9urkW1NEuTpJZ0NdydLihx2uW5zoDeSK-T8coixPwOwM1M9bwFWScrbFmlO0vAlcFOleU8E0xVYhTBd6e9oPa2pcaYobWOYyPtiUkSuypqd0dV7L4P-LYJf
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.142 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
x-mg-request-uuid: e22e4ed4-bb51-4b7e-b72f-9965f1ffb758
server: nginx
content-type: image/gif

GET
H2 200 m
cm.mgid.com/ 43 B
432 B 47ms
39ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=549473&mode=inverse&c=64e305aa834c08d2246b0b8e
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7fa0db0f5bd52406-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2

200

media Show response
a4p.adpartner.pro/ Frame 05F6
Redirect Chain

http://a4p.adpartner.pro/media?site_id=658&unit_id=7360
https://a4p.adpartner.pro/media?site_id=658&unit_id=7360

11 KB
3 KB

30ms
29ms

Script
text/html

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media?site_id=658&unit_id=7360
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 9652646e4c2f516ef05a7f8ded2e572eda59d09fdf976612ab52970072e20353

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

Redirect headers

Location: https://a4p.adpartner.pro/media?site_id=658&unit_id=7360
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 162
Content-Type: text/html

GET
H2 200 786defbc5f2dbc35 Show response
ads.us.e-planning.net/uspd/1/ Frame F875 3 KB
1 KB 23ms
22ms Document
text/html 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by: Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3739323555756537.5&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22847481cf-2d47-84fc-305e-2f327aaacccf%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d5fee4f-d63f-0d83-7fad-4189d3199cf5%22%2C%22tagid%22%3A%22864179e2-8571-48eb-841c-bca0cd1d9c3e%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_218111201%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: e639a498db65b001efa936a3369ea5f1bf4fef8fc78a7330fc1cc7f5594b0d34

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Mon, 21 Aug 2023 06:35:23 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame B457 3 KB
2 KB 29ms
23ms Document
text/html 2a0c:5c87:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=707176
Requested by: Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=3739323555756537.5&cpv=c0cd4639-c3d8-0743-f812-51f616b8f05a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=ef9f601d-57fe-4b11-b5c5-faa3947ff8e9&data=%7B%22id%22%3A%22847481cf-2d47-84fc-305e-2f327aaacccf%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fbusinessua.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d5fee4f-d63f-0d83-7fad-4189d3199cf5%22%2C%22tagid%22%3A%22864179e2-8571-48eb-841c-bca0cd1d9c3e%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_218111201%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5160::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d66263b105f5833e2b45e1dd4b69b17357b13703d4777ae80ecf38c1def1fcc2

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://businessua.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1371
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 ev_view.aspx
ads.go2net.com.ua/ 43 B
190 B 15ms
10ms Image
image/gif 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.go2net.com.ua/ev_view.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&cet=4&zone=864179E2-8571-48EB-841C-BCA0CD1D9C3E&rule=529CD982-CB4A-4C7D-80E3-B4ABA029F210&requestId=6ae320fa-5ae5-4ece-86f2-5e5faeedf466&hp=117228568&page=businessua.com%2F&pvid=3e402558-3dd7-4cd8-926a-31dc68deffd6&inst=ADS-EU-4&ts=638281965229852935&sf=0

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
207 B 22ms
19ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 20ms
19ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Aug 2023 06:35:23 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c

43 B
314 B

18ms
18ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
174 B 40ms
39ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.13.0
expires: -1

GET
H2

200

/
ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/
Redirect Chain

https://ks-match.admixer.net/?am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&site=9FDD1D39-D632-4A1F-A6F6-008584274F13&ip=80.255.10.202&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleW...
https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0

0
61 B

12ms
12ms

Image
text/plain

146.0.227.98
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com/?write-to-ch=0
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 146.0.227.98 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
keep-alive: timeout=25
content-length: 0

Redirect headers

location: //ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com?write-to-ch=0
date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
keep-alive: timeout=25
content-length: 0

GET
H/1.1 200
OK ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9
dpm.demdex.net/ 42 B
942 B 40ms
40ms Image
image/gif 18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0d440bd63.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +88v5U8TSpI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=ef9f601d57fe4b11b5c5faa3947ff8e9&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_eebf722a-854f-4970-89f2-d29f24b9d05a&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
https://inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=

43 B
314 B

17ms
17ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&consent=&gdpr_pd=
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ 0
280 B 26ms
17ms Image
text/plain 37.230.131.16
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=128&vid=ef9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: http://businessua.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 537
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
904 B 2329ms
252ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21-Aug-2023 15:35:25 +0900
Content-Type: image/gif;
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H/1.1 204
No Content mmr445.gif
us.ck-ie.com/ 0
129 B 100ms
99ms Image
text/plain 8.2.108.175
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1

200
OK

ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9
dpm.demdex.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEK_fYmyYWFC4uAEDN3kyUes&google_cver=1
https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

42 B
942 B

39ms
39ms

Image
image/gif

18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

HTTP/1.1

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mTimBs02R7k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=ef9f601d57fe4b11b5c5faa3947ff8e9
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H2 200 setuid
ib.adnxs.com/ 43 B
637 B 34ms
25ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=ef9f601d57fe4b11b5c5faa3947ff8e9

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 95a73f11-530b-4a56-86a0-05b69fffb3b7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sfaf25.gif
us.ck-ie.com/ 0
129 B 92ms
91ms Image
text/plain 8.2.108.175
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/sfaf25.gif?puid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1 200
OK usermatchredir
ssum-sec.casalemedia.com/ 43 B
632 B 10ms
10ms Image
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066

43 B
314 B

17ms
17ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=5335b35b-1535-4787-b3f0-653a5ba28066
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store no-transform
server: nginx
content-length: 190
content-type: text/html; charset=utf-8

GET
H2 200 cookie
cm.adform.net/ 43 B
105 B 34ms
26ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fads.smn.rs%2Fadxcm.aspx%3Fssp%3D66d39a21-69dc-4000-8ee6-093fb8ba95a2%26id%3D%24UID
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 sync
t.adx.opera.com/ 35 B
466 B 16ms
16ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60022&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm-notify
creativecdn.com/ 42 B
243 B 25ms
18ms Image
image/gif 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT, Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-go2net.gif
m.trafmag.com/images/ 35 B
207 B 20ms
17ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEA-_WonBlphanVxeN7BYAvc&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9

35 B
207 B

72ms
71ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=ef9f601d57fe4b11b5c5faa3947ff8e9
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H2

204

current
pubmatic-match.dotomi.com/match/bounce/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent={consent}
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent={consent}&piggybackCookie=CAESEJkNMS8zA2ng-Lj7r2-LFts&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}&us_privacy=${US_PRIVACY}
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent={consent}

0
104 B

107ms
27ms

Image
text/plain

2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent={consent}
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Redirect headers

location: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent={consent}
date: Mon, 21 Aug 2023 06:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 191
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK 32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 42 B
510 B 94ms
92ms Image
image/gif 8.2.110.206
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=ef9f601d57fe4b11b5c5faa3947ff8e9&redir=[RED]
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx/1.24.0
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ 0
0 23ms
22ms Image
text/html 185.83.69.18
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.18 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 cookie
cm.adform.net/ 43 B
105 B 33ms
26ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D66d39a21-69dc-4000-8ee6-093fb8ba95a2%26id%3D%24UID
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Def9f601d57fe...
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=ef9f601d57fe4b11b5c5faa3947ff8e9e8234bbe-3fec-11ee-a4de-801844df0ab8

43 B
314 B

10ms
10ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=ef9f601d57fe4b11b5c5faa3947ff8e9e8234bbe-3fec-11ee-a4de-801844df0ab8

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
vary: Origin
content-type: text/html; charset=utf-8
location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=ef9f601d57fe4b11b5c5faa3947ff8e9e8234bbe-3fec-11ee-a4de-801844df0ab8
cache-control: no-cache, no-store, must-revalidate
content-length: 179
expires: 0

GET
H2 200 /
s-cs.rmp.rakuten.com/ 43 B
214 B 27ms
20ms Image
image/gif 34.95.81.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-cs.rmp.rakuten.com/?d=40&uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.81.95.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-envoy-upstream-service-time: 5
server: istio-envoy
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 admixer
exchange.buzzoola.com/cookiesync/ssp/ 43 B
130 B 11ms
11ms Image
image/gif 49.12.83.94
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.83.94 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.94.83.12.49.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58613/ 0
15 B 22ms
16ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58613/occ

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

current
pubmatic-match.dotomi.com/match/bounce/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Def9f601d57fe4b11b5c5faa3947ff8e9
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=0
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=0&piggybackCookie=CAESEJkNMS8zA2ng-Lj7r2-LFts&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0&us_privacy=${US_PRIVACY}
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=0

0
103 B

108ms
27ms

Image
text/plain

2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=0
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Redirect headers

location: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=0
date: Mon, 21 Aug 2023 06:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 183
content-type: text/html; charset=utf-8

GET
H2

200

cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZWY5ZjYwMWQ1N2ZlNGIxMWI1YzVmYWEzOTQ3ZmY4ZTk=&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEShP6sh19xxxMRNCHMIQ8A&google_cver=1

43 B
314 B

18ms
17ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEShP6sh19xxxMRNCHMIQ8A&google_cver=1

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
content-type: image/gif
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEEShP6sh19xxxMRNCHMIQ8A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 113ms
26ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=32611237471

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: http://businessua.com
date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3903
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

49ms
23ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3942 15 KB
6 KB 19ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usermatch Show response
ssum.casalemedia.com/ Frame 4A2D 2 KB
3 KB 20ms
14ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: c5bd22445d2f97204360724b634ed76bcedb05ae689b9c4f6d2404b5362cc580

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1942
Content-Type: text/html
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 1477 1 KB
998 B 20ms
10ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 12af3b4ddc301f633b4359d50f86a6c1
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 96B4 0
0 19ms
11ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 5934 760 B
794 B 62ms
54ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e888b39b65915ddee6d18200e2728efcf0c79a4fdcec0a30de73c084170313b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7fa0db0d397b4da6-FRA
content-encoding: br
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H/1.1 200
OK 62e2788fc30bb4ea27b5a3ba.jpg
img.phoenix-widget.com/w/q85/b/ 13 KB
13 KB 76ms
25ms Image
image/jpeg 178.62.226.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.phoenix-widget.com/w/q85/b/62e2788fc30bb4ea27b5a3ba.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 178.62.226.6 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: cab9e4fa6b7205bf816af2b8c1dac65ffaabe1b9124212dd0661322226e719a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Etag: 15535-c661c17e4b7dc7cde4961c4a8c5e6a51b2fc210d
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public, immutable
Connection: keep-alive
Content-Length: 13410
Expires: Tue, 20 Aug 2024 06:35:23 GMT

GET
H/1.1 200
OK 637c996a6b3ab3fba14460fd.jpg
img.phoenix-widget.com/w/q85/b/ 41 KB
41 KB 76ms
26ms Image
image/jpeg 178.62.226.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.phoenix-widget.com/w/q85/b/637c996a6b3ab3fba14460fd.jpg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 178.62.226.6 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 9b4b84fd1d67cd6a149017fcb087092660c493c4244d43a4abe5e6c2a73e7dfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Etag: 48194-dde4ebbaccfa7678f33b77220541a2e087b73f55
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public, immutable
Connection: keep-alive
Content-Length: 41867
Expires: Tue, 20 Aug 2024 06:35:23 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8xNTgzNDQvODQ1Z...
s-img.mgid.com/g/16805860/453x254/-/ 30 KB
31 KB 586ms
499ms Image
image/jpeg 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/16805860/453x254/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNy8xNTgzNDQvODQ1ZGM1YmUyMzQ5YTVlMjRjMDU2N2RlMjExYmQwYTcuanBn.jpg?v=1692599722-l9YFBrUv4jiJmX5EfSJ01mgHHCqBHGgKrv2zjeU-c8U
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b65807e5d0c48fe0f41c2be2c7fe83fb1b00be3588a2a40aef0de29b909cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Aug 2023 06:35:23 GMT
x-mg-request-uuid: 6ec55884-c499-4d06-abee-831e71c06c64
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7fa0db0dea1e2406-LHR
content-length: 31143
alt-svc: h3=":443"; ma=86400

GET
H2

200

P1jpxuMTR3WIwNHYHBUkjlWOazNLCwjkUiad8pMe.png
reimgs.net/
Redirect Chain

https://icdns.net/b2/c/i/icon?cid=1&did=QGhScWI&eid=623&nid=1&sid=3307393078NwlHaRpa&ts=1692599722&ttl=7200&v=v5.7.18
https://reimgs.net/P1jpxuMTR3WIwNHYHBUkjlWOazNLCwjkUiad8pMe.png?x=0&y=0

164 KB
165 KB

57ms
13ms

Image
image/png

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reimgs.net/P1jpxuMTR3WIwNHYHBUkjlWOazNLCwjkUiad8pMe.png?x=0&y=0
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7febeab1d3a3e84da74e27b92f4fed2f67d4522bd4a912130891bf9c8f5db8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 04:56:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5912
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRg6AE2XabddnbB85O4xRbCGHwCQIC97HZSgOgmXDOxZy%2FTcHSAHi6OllNQysMHZAY8gDoauDFmNgYBWRkIogebvwV%2BlseIWRZvxZe4W44RV7kQlUQQtrTh9aGLHcpSMUuX8QI%2BBGxvb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 7fa0db13bf0a363d-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

location: https://reimgs.net/P1jpxuMTR3WIwNHYHBUkjlWOazNLCwjkUiad8pMe.png?x=0&y=0
date: Mon, 21 Aug 2023 06:35:23 GMT
referrer-policy: no-referrer
server: dspclick-v3.8.10
content-length: 0

GET
H/1.1 200
OK watermark.png
phoenix-widget.com/static/img/ 2 KB
2 KB 34ms
26ms Image
image/png 188.166.21.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phoenix-widget.com/static/img/watermark.png
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 188.166.21.205 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 00b923d74fc40605b62bfff096a978bdc22fe6ba31a9a84bd7d813c37e4b0d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Last-Modified: Wed, 28 Jul 2021 10:32:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6101324d-6a1"
Content-Type: image/png
Cache-Control: max-age=315360000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1697
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5B89 70 B
264 B 145ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5B89
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

222ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NPWC6WTYW65RDEH5P2C1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QWWHVJ980V3XQN8PZDDY
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5B89
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

43 B
632 B

13ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 5B89
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

43 B
772 B

31ms
30ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SSlpVax%2BP4d4Tv92hcPRyHIvGHNHK5fI4GQE7ZeEeOnd1zDq%2BME4E44627kbxXhogRocnPx8YD3RDSJ%2B%2F9I2N2SdCsvn4nnlDiLBIGNchPrveyH3JGjZkOdq0eiKumtq6bUbr5syG%2F3lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db101b7e1d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 5B89
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
738 B

27ms
27ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zLIBvRPfM3Oz%2FAjxDdgoK7ufvI3HplnlV8LN%2F6NhowHTvFrsqHQQiSeqeRWRUmM9eCzrZCYAlWj%2FN2sFDF09DeubM2lm%2BZNdMw05THT8xvQOSGQowYA6CY%2BaHiRQcbVqhHbCjhFmS996Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db12ef041d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Mon, 21 Aug 2023 06:35:23 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 5B89 43 B
145 B 21ms
18ms Image
image/gif 3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 5B89 43 B
433 B 173ms
33ms Image
image/gif 52.212.242.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.242.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-242-190.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 5B89
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

43 B
732 B

38ms
38ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zx6BI4r4eKgCN0jWyI2YjJtTEichVCUEOlExlqontXu6p1WvCiq%2Ffo4p5%2F1EomxhlgHA3t3eNdpAhVxUdnagBV8J3k7gGX9PXZpPfHy0XNzwd1qphrKHJJqQSz4rqVj7EyIzctl85RovA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db226b031d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date: Mon, 21 Aug 2023 06:35:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: text/html; charset=utf-8

GET
H2 200 um
u-ams03.e-planning.net/ Frame 5B89 42 B
103 B 21ms
19ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=437f72dac62c6c49&uid=ZOMFqxm6LbaPmu.dTkmN8gAA%263346
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 14C9 15 KB
6 KB 12ms
11ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame A52D 0
0 13ms
12ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 728D 43 B
320 B 300ms
90ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

GET
H2 400 getuid
ib.adnxs.com/ Frame 3F22 0
0 24ms
24ms Image
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3F22 170 B
188 B 22ms
22ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=9a25b7e4-eac2-422c-978c-e6b52eed63c2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619...

95 B
177 B

40ms
39ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=9a25b7e4-eac2-422c-978c-e6b52eed63c2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db101cf14da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=9a25b7e4-eac2-422c-978c-e6b52eed63c2&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 3F22 0
453 B 60ms
34ms Image
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3F22 70 B
265 B 99ms
37ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 3F22 0
203 B 81ms
20ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230064-FRA
server: nginx
x-timer: S1692599723.184935,VS0,VE9
x-fastly-to-nlb-rtt: 7555
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 3F22 0
411 B 856ms
94ms Image
text/html 2600:1f18:6593:f608:78e4:ddc4:e083:81a6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f608:78e4:ddc4:e083:81a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3F22 0
166 B 140ms
22ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 404 genericusersync.ashx
sync.tidaltv.com/ Frame 3F22 0
67 B 162ms
33ms Image
text/plain 2a05:d018:24:b002:30d4:cd9b:2350:dbd6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:24:b002:30d4:cd9b:2350:dbd6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=eb1bb156-f82b-4801-4687-46190b511460&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://mwzeom.zeotap.com/mw?cid=73443300314894343833732874422972847834&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-...

95 B
154 B

42ms
42ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=73443300314894343833732874422972847834&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0f3beb4da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v050-0a29368df.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JitsqLkbQuI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=73443300314894343833732874422972847834&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 3F22 0
324 B 113ms
13ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=eb1bb156-f82b-4801-4687-46190b511460&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-...
https://mwzeom.zeotap.com/mw?cid=BE1-2023082108-75753-0.246015001692599723-ed498d165fc494abd468c9efd7f411a7&zdid=533&env=mWeb

95 B
154 B

44ms
42ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=BE1-2023082108-75753-0.246015001692599723-ed498d165fc494abd468c9efd7f411a7&zdid=533&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0f7c3e4da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2023082108-75753-0.246015001692599723-ed498d165fc494abd468c9efd7f411a7&zdid=533&env=mWeb
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7269660455508244640&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-...

95 B
154 B

41ms
40ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7269660455508244640&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0f7c3d4da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7269660455508244640&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 3F22
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=eb1bb156-f82b-4801-4687-46190b511460
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=eb1bb156-f82b-4801-4687-46190b511460

95 B
435 B

27ms
25ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=eb1bb156-f82b-4801-4687-46190b511460

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=eb1bb156-f82b-4801-4687-46190b511460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=2nIwEPapCtjywpHZjr5EtO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-46...

95 B
204 B

41ms
41ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=2nIwEPapCtjywpHZjr5EtO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db101cf54da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 06:35:23 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=2nIwEPapCtjywpHZjr5EtO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 404 2.gif
dmp.theadex.com/d/949/i/ Frame 3F22 0
84 B 71ms
16ms Image
text/plain 185.15.245.83
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=eb1bb156-f82b-4801-4687-46190b511460&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=eb1bb156-f82b-4801-4687-46190b511460?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

95 B
154 B

40ms
40ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0fac6e4da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
cache-control: no-cache
x-server: 10.45.19.215
content-length: 0
expires: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58697/ Frame 3F22
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP

0
15 B

15ms
11ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
content-type: text/html
cache-control: no-store
content-length: 343

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=In0q0dN0j7bdUa%2FDq8ZDGbFYcoqntT8P%2BS41iYitP1U%3D

95 B
154 B

65ms
63ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=In0q0dN0j7bdUa%2FDq8ZDGbFYcoqntT8P%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0fcc864da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=In0q0dN0j7bdUa%2FDq8ZDGbFYcoqntT8P%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 3F22 42 B
213 B 56ms
20ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3F22 0
338 B 112ms
34ms Image
text/plain 34.252.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.154.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=57 t=1692599723
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 3F22 95 B
375 B 65ms
12ms Image
image/png 168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: nginx / PHP/8.2.5
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/png
date: Mon, 21 Aug 2023 06:35:28 GMT
server: nginx
x-powered-by: PHP/8.2.5
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 3F22
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...

85 B
149 B

12ms
11ms

Image
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361&_test=ZOMFqwAKK4O8TgAN
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2692
x-timer: S1692599724.718393,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 13747

Redirect headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692599724.513400,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361&_test=ZOMFqwAKK4O8TgAN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3F22
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=Pv3YDHj5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=eb1bb156-f82b-4801-4687-46190b511460

0
337 B

29ms
29ms

Image
text/plain

34.252.154.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=eb1bb156-f82b-4801-4687-46190b511460
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 34.252.154.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-154-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1692599724
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 21 Aug 2023 06:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=eb1bb156-f82b-4801-4687-46190b511460
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db12f8084da6-FRA
access-control-allow-headers: *

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 3F22
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-468...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-468...

43 B
568 B

36ms
36ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JMAM94XZAY937X7RMTK9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S3QHTJTRBVE05YTE3K4Q
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=eb1bb156-f82b-4801-4687-46190b511460&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame 3F22 0
145 B 222ms
151ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 3F22
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

95 B
154 B

51ms
49ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db10cdbd4da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
date: Mon, 21 Aug 2023 06:35:23 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame 3F22 0
214 B 58ms
11ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 syncd
x.bidswitch.net/ Frame 3F22 43 B
145 B 37ms
15ms Image
image/gif 3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1bb156-f82b-4801-4687-46190b511460%26reqId%3D12071b2f-74dc-4619-45d2-aab59528a8e4%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 3F22 95 B
154 B 39ms
39ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db102d044da6-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 3F22 557 B
472 B 73ms
51ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a537d9f4dd03ba1856a3f2cfbb95acade65539d4ba82b7acd3509a49683191b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0daa474da6-FRA
access-control-allow-headers: *

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame FAE1 58 KB
18 KB 61ms
17ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
content-encoding: gzip
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68413
x-amz-server-side-encryption: AES256
etag: W/"0c967603b7e4d32b78b7ca772270a5c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ESR-r3Prx5EtTSo_aj_DNNVWLKolvFP_1J-KtPm7_BumGTrKQdnLKw==

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame F875 0
187 B 19ms
18ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D9affd90f022e513e
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:22 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 400
Bad Request pbs.gif
sync.admanmedia.com/ Frame F875 20 B
20 B 220ms
91ms Image
text/plain 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D9affd90f022e513e%26uid%3D%5BUID%5D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H3 200 prebid
rtb.openx.net/sync/ Frame F875 43 B
58 B 45ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D9affd90f022e513e%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame F875 566 B
520 B 33ms
19ms Script
application/x-javascript 193.3.178.1
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 19 Aug 2028 06:35:22 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame F875
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9affd90f022e513e%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769

42 B
103 B

17ms
16ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 6a5c771a-01bc-4ad6-aac0-8e302cc16043
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame F875
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9affd90f022e513e%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

42 B
103 B

19ms
18ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 200 us
sync.go.sonobi.com/ Frame F875 0
399 B 154ms
100ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D9affd90f022e513e%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-96
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

400

um
u-ams03.e-planning.net/ Frame F875
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9affd90f022e513e

0
0

21ms
20ms

Image
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9affd90f022e513e
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9affd90f022e513e
date: Mon, 21 Aug 2023 06:35:23 GMT
server: fasthttp
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 4A2D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

43 B
737 B

32ms
32ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhpsx%2ByqqkjImhsQ76i7tgTzVo%2Bp3ma7fAVT1Z3SnQfs9wkgCPuyUY%2Bhq1CFG3uDeAOKXOGXqHStMfoL%2F5sbddNSdOByg1lEb4DwuRJnr1lbJejM2lnp7ykV5sz1Pt%2FvSRVT798rdt%2BlDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db101b7a1d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4A2D 70 B
264 B 101ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 4A2D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

43 B
632 B

14ms
13ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4A2D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

207ms
126ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2R7P89FX8ASRW07J57CM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XDXDYGK393JCEP90M9RS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=ZOMFqxm6LbaPmu.dTkmN8gAA%263346
dpm.demdex.net/ Frame 4A2D 42 B
942 B 115ms
39ms Image
image/gif 18.200.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZOMFqxm6LbaPmu.dTkmN8gAA%263346?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.152.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-152-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-055a0ad1b.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hSZOwvaVTpI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

crum
dsum.casalemedia.com/ Frame 4A2D
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556

43 B
328 B

58ms
23ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGKNmsQWUoDsrqdAyiEjjuve%2BZoR6wPzldsG2KiskvpsFgILuBv1aHZX35uEFGoXmeP86Fey04qYgmEMEfSoF3dqEkxgATT3sYaHNOLBBLN8fVAZE1%2BKB%2FQ7oRVx6sHXAU8EyhyC"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db0fdad49249-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 4A2D 0
15 B 23ms
18ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 404
Not Found sync
ssbsync.smartadserver.com/api/ Frame 4A2D 9 B
132 B 120ms
17ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 um
u-ams03.e-planning.net/ Frame 4A2D 42 B
103 B 23ms
18ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=437f72dac62c6c49&uid=ZOMFqxm6LbaPmu.dTkmN8gAA%263346
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 7646 4 KB
1 KB 131ms
36ms Document
text/html 34.242.87.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.87.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-87-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 435bc699146dcb3b9147ae9779ea4d60b08f496795e8afe05054892e38102351

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"0661d1af16d73a84acb213a338ed530a4"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 4C94 37 B
140 B 70ms
15ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 adxcm.aspx Show response
inv-nets.admixer.net/ Frame AD30 43 B
314 B 35ms
20ms Document
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMm72uiC9zMlQYVr

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
keep-alive: timeout=25
p3p: CP="NID DSP ALL COR"
server: nginx
x-xss-protection: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F070
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

20ms
20ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 43BC 15 KB
6 KB 25ms
11ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usermatch Show response
ssum.casalemedia.com/ Frame 8E49 2 KB
3 KB 29ms
18ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 3d866db783e818badcb986cd3873d35307f5546f379802d133b45f0cb5c79be0

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1967
Content-Type: text/html
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 51BE 1 KB
998 B 22ms
12ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: dabeda17b1687f02434af0be5dad8691
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 0BBE 0
0 26ms
16ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 5180 760 B
795 B 53ms
43ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a78f4b2c547b6d552ea5343e1de8a5d318575e7012cc9e33b570b6833174a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7fa0db0daa444da6-FRA
content-encoding: br
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 63E3 2 KB
3 KB 118ms
22ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99067910&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3d91c5e4ee38dda506b44691d322978b5f4909e2283204daa6ce352f9aa4e452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 d
ic.tynt.com/r/ Frame 4E3D 0
0 161ms
104ms Document
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 3A42 2 KB
1 KB 269ms
22ms Document
text/html 185.83.69.18
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.18 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 884
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame FDD1 2 KB
1 KB 44ms
25ms Document
text/html 2a0c:5c87:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5160::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 874
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5230 15 KB
6 KB 35ms
13ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 644F 0
0 31ms
14ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame 9BBB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769

43 B
456 B

95ms
90ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:22 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 855b6f81-1770-4752-ab0d-52f3f8483358
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5538126985213991769
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 / Show response
ads.us.e-planning.net/uspd/1/ Frame D0F9 3 KB
1 KB 36ms
22ms Document
text/html 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 64b77ee57e6162b6332f6ed5056599c1a13be92ff673f11c87bd443317a46543

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Mon, 21 Aug 2023 06:35:23 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B457
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5335b35b-1535-4787-b3f0-653a5ba28066

43 B
473 B

90ms
89ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5335b35b-1535-4787-b3f0-653a5ba28066
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5335b35b-1535-4787-b3f0-653a5ba28066
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B457 0
277 B 41ms
23ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Aug 2023 06:35:23 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B457
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7

43 B
473 B

91ms
90ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=279b1ace-7e34-494c-aa59-4d9ef14677a7
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame B457 43 B
320 B 234ms
90ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:22 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B457
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769

43 B
456 B

90ms
89ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 16254950-6755-4487-abb3-82b9c03560a1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B457
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
https://ad.turn.com/r/cs?pid=45&rndcb=1037165404
https://sync.1rx.io/usersync/turn/7256981412382245317?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-7bd7c504-4654-4feb-816c...
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003

43 B
480 B

86ms
85ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7bd7c50446544feb816c0f6fb7e4c26c003
content-type: text/html

GET
H2 200 sync
vid.vidoomy.com/ Frame B457 0
0 33ms
16ms Image
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame B457
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9

43 B
469 B

88ms
88ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: *
location: https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=ef9f601d57fe4b11b5c5faa3947ff8e9
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 0
x-xss-protection: 0

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 30D5 58 KB
18 KB 14ms
14ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
content-encoding: gzip
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68413
x-amz-server-side-encryption: AES256
etag: W/"0c967603b7e4d32b78b7ca772270a5c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: tDHd2HAAG71n5YJ0kZ586X88qJdDKMpq9ScYZR1o5ka8c3-DccKNQQ==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ Frame 98D0 392 KB
132 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=businessua.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6aefe3e96621fbd6e753364ada0e185fd4cce9f6e7e2ae32300fff52e8ecfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134727
x-xss-protection: 0
server: cafe
etag: 12003817474112122167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5934
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361

95 B
154 B

44ms
43ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db10cdb84da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361
date: Mon, 21 Aug 2023 06:35:23 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5934 95 B
165 B 48ms
40ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0efb9d4da6-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 5934 557 B
418 B 38ms
37ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f886059d48e9f54faa7d886208fe94dcdaf6713cdbf1c65367264c850e177d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0fac6d4da6-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5942 34 KB
10 KB 18ms
18ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24000
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3903 34 KB
10 KB 28ms
28ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24000
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A79 14 KB
2 KB 56ms
21ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=1085498814&adk=983172006&adf=20896475&pi=t.ma~as.1085498814&w=240&lmt=1692592522&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&wgl=1&dt=1692599722537&bpp=1&bdt=597&idt=201&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=5382810768&nras=1&correlator=7762022059180&frm=20&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1R9PigiGmM&p=http%3A//businessua.com&dtd=203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 06:08:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 8A79 2 KB
973 B 55ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 8A79 23 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 8A79 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 20:49:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 8A79 20 KB
8 KB 53ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A79 180 KB
57 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 8A79 35 KB
15 KB 52ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8E49 70 B
264 B 52ms
51ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8E49
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

43 B
734 B

48ms
44ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxHOEDwwbWAENk7%2FWc8DZROeSs8PC6S778cA289dCqiobVybx3NzbrdbjDJVsvaQ5wUXSwr8FJLBH4g4Ye1WLJmy%2FNhIbe2szYBiihAOlQxvGxIHXxRxhDgoWkHC9L3coNWqMXvjr5vBSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db106bf81d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 8E49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

43 B
632 B

18ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8E49
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

98ms
97ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V47TQGEWN3K8MACZW56Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V76SFNZ83JM89D5RYF1C
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8E49
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=05cM3gbG1QxYvx5

43 B
740 B

23ms
23ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=05cM3gbG1QxYvx5
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcB6qXtzRSSwj2M5pYkOdY%2FcFOa%2FiYDsTohtKhmFWgTGhfBIPb4k%2F7rooDHyhqfWd6FawvTdWKAcN%2FXWLybkcAOfetshUZSM5zVVr%2FwF5%2FLzHRRJAQqhz%2Fi8HZotJMTkSmOBk79GX0jctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db125e251d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=05cM3gbG1QxYvx5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8E49
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

43 B
740 B

32ms
31ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7RulSkDYjZ%2FSjM10I5bM4lTRdrF2vZpzjFAO7y%2Flij0aKb9DPhPJFT2SGops%2FufNjbMIgKPpiAgjl1Dk%2Bg%2FqkDna0YzNwHBlAymCUQqDhFF8%2FDoBA13lqhKsfBvG7Wjly%2BQj2EVlkDYTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db295c701d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date: Mon, 21 Aug 2023 06:35:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: text/html; charset=utf-8

GET
H2 200 ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8E49 43 B
425 B 189ms
39ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 8E49
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOMFqwAAAyOJyAA4

85 B
161 B

11ms
10ms

Image
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOMFqwAAAyOJyAA4
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2692
x-timer: S1692599724.718261,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 13746

Redirect headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692599724.513682,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOMFqwAAAyOJyAA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 um
u-ams03.e-planning.net/ Frame 8E49 42 B
103 B 37ms
33ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=9affd90f022e513e&uid=ZOMFqxm6LbaPmu.dTkmN8gAA%263346
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0F79 145 KB
50 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b973641f7213cb908cafc21b93118b5ef5c03d19eeef95fba028dc7cadf85544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50785
x-xss-protection: 0
server: cafe
etag: 1919271098438242928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:23 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 23ms
21ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://businessua.com
date: Mon, 21 Aug 2023 06:35:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 23ms
22ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 15 Aug 2024 06:35:23 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 19ms
18ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 15 Aug 2024 06:35:23 GMT

GET
H2 204 ev_prebid.aspx
ads.go2net.com.ua/ 0
125 B 13ms
11ms Image
text/plain 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.go2net.com.ua/ev_prebid.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&zone=2C065325-08BA-4EF8-BD05-2FF75ACA182A&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=eabe8acb-f793-4b8d-8382-ee5671718619&hp=117228568&page=businessua.com%2F&segments=1%2C4%2C489&ts=638281965227838788&ap=MA%3D%3D&asign=-894827241&sync=125%2C88%2C80%2C126%2C3%2C96%2C98&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-4&pxl=0&pvid=3e402558-3dd7-4cd8-926a-31dc68deffd6&ip=80.255.10.202&item=A0F0C54C-7ED4-485E-97FF-9946099AE54A&crid=A0F0C54C-7ED4-485E-97FF-9946099AE54A&size=240x350&profile=A08F3A11-214F-401E-9933-D17F544E4BE0&isopt=0&adv=N%2FA&dsp=Criteo+DE&dstUrl=http%3A%2F%2F&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H2 200 ev_view.aspx
ads.go2net.com.ua/ 43 B
190 B 13ms
12ms Image
image/gif 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.go2net.com.ua/ev_view.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&cet=4&zone=2C065325-08BA-4EF8-BD05-2FF75ACA182A&rule=268B748D-51E4-410C-98B3-0C10E8D4E799&requestId=eabe8acb-f793-4b8d-8382-ee5671718619&hp=117228568&page=businessua.com%2F&pvid=3e402558-3dd7-4cd8-926a-31dc68deffd6&inst=ADS-EU-4&ts=638281965227838788&sf=0

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame C6B9 4 KB
1 KB 41ms
40ms Document
text/html 34.242.87.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.87.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-87-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 435bc699146dcb3b9147ae9779ea4d60b08f496795e8afe05054892e38102351

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"0661d1af16d73a84acb213a338ed530a4"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 8D4B 37 B
139 B 11ms
10ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame CA8E 43 B
453 B 88ms
87ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMm72uiC9zMlQYVr
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:22 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5180
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361

95 B
234 B

42ms
41ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db10cdba4da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361
date: Mon, 21 Aug 2023 06:35:23 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5180 95 B
154 B 48ms
46ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0f4bf94da6-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 5180 557 B
420 B 45ms
41ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fccc1181f41684a036e7712e92215395e5c2605b469b4f082b57186d7309ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db0fcc854da6-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F070 34 KB
10 KB 19ms
19ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24000
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4506 6 KB
779 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=60&slotname=5382810768&adk=4068248796&adf=2830180937&pi=t.ma~as.5382810768&w=468&lmt=1692592522&url=http%3A%2F%2Fbusinessua.com%2F&wgl=1&dt=1692599722319&bpp=41&bdt=379&idt=394&shv=r20230816&mjsv=m202308150101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=7762022059180&frm=20&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599723&ga_hid=934380263&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=560&ady=832&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31077087%2C31077090%2C31077093%2C31077148%2C44798934%2C44799578%2C44800467&oid=2&pvsid=3228640422216500&tmod=1071138358&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=IOGzZdTret&p=http%3A//businessua.com&dtd=398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 04:41:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4506 2 KB
926 B 16ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 4506 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4506 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 20:49:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4506 20 KB
8 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4506 180 KB
56 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 4506 35 KB
15 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H2 204 pixelSync
pixel.sitescout.com/dmp/ Frame D0F9 0
187 B 20ms
17ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D9affd90f022e513e
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 400
Bad Request pbs.gif
sync.admanmedia.com/ Frame D0F9 20 B
20 B 92ms
91ms Image
text/plain 8.2.110.24
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D9affd90f022e513e%26uid%3D%5BUID%5D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H3 200 prebid
rtb.openx.net/sync/ Frame D0F9 43 B
58 B 20ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D9affd90f022e513e%26uid%3D%24%7BUID%7D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame D0F9 566 B
520 B 17ms
8ms Script
application/x-javascript 193.3.178.1
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 19 Aug 2028 06:35:23 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame D0F9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9affd90f022e513e%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769

42 B
103 B

28ms
13ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 82199559-59ba-4e86-9d1d-777e71eadd5a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9affd90f022e513e&uid=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame D0F9
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9affd90f022e513e%26uid%3D%24UID&partner=eplanning
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a

42 B
103 B

20ms
18ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9affd90f022e513e&uid=ua-70405be2-4072-3d1e-b52f-980dc25e171a
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 200 us
sync.go.sonobi.com/ Frame D0F9 0
324 B 110ms
96ms Image
text/plain 69.166.1.34
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D9affd90f022e513e%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-214
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame D0F9
Redirect Chain

https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
https://u-ams03.e-planning.net/um?uid=csuid_23958d71-c7d2-4c28-9d2b-402231eeb00a&dc=b337141cfdc8cf59&fi=9affd90f022e513e

42 B
103 B

20ms
18ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?uid=csuid_23958d71-c7d2-4c28-9d2b-402231eeb00a&dc=b337141cfdc8cf59&fi=9affd90f022e513e
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?uid=csuid_23958d71-c7d2-4c28-9d2b-402231eeb00a&dc=b337141cfdc8cf59&fi=9affd90f022e513e
date: Mon, 21 Aug 2023 06:35:23 GMT
server: fasthttp
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7646
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

35 B
250 B

127ms
42ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: dbb87041-5586-4d58-b83f-133dccc5519b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 7646
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4

43 B
145 B

12ms
11ms

Image
image/gif

3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame 7646
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

100ms
86ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache
X-TraceId: e2ca925801680b794974cbd076356f2f
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Mon, 21 Aug 2023 06:35:24 GMT
X-TraceId: 26537b68420962b55fc88d0cdcbda4bd
Content-Length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7646 43 B
304 B 72ms
19ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7646
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

35 B
250 B

32ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Date: Mon, 21 Aug 2023 06:35:23 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 7646 43 B
425 B 155ms
40ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7646
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd

35 B
250 B

31ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd
Date: Mon, 21 Aug 2023 06:35:23 GMT
Connection: keep-alive
X-CI-RTID: 33f44d5e-7814-4fb7-8832-aae1a4348fe0
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 7646 0
44 B 306ms
95ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7646
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

37ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H2 200 server_match
ad.360yield.com/ Frame 7646 43 B
199 B 139ms
38ms Image
image/gif 54.72.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.199.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7646
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=C0DGIA7skedG&ev=1&pid=558355

35 B
250 B

37ms
36ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=C0DGIA7skedG&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=C0DGIA7skedG&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-cdb79dd64-gnn4h
expires: -1

GET
H/1.1 404
Not Found sync
ssbsync.smartadserver.com/api/ Frame 7646 9 B
132 B 16ms
16ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 um
sync.e-planning.net/ Frame 7646 42 B
103 B 28ms
20ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=437f72dac62c6c49&uid=e_3379f05f-de37-410b-9fb7-e5188f31f259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame F875 58 KB
18 KB 15ms
10ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
content-encoding: gzip
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68413
x-amz-server-side-encryption: AES256
etag: W/"0c967603b7e4d32b78b7ca772270a5c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ChgIuNe9qTLhK6u1G0qoYKJ_VQPycTY0C-lIkEOH8v8mRsicWa27kw==

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 50BF 15 KB
6 KB 11ms
10ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 2DEF 0
0 12ms
11ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame FDD1 43 B
320 B 89ms
88ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 864C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

19ms
19ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C4C0 15 KB
6 KB 21ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usermatch Show response
ssum.casalemedia.com/ Frame E162 2 KB
3 KB 20ms
12ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: a2c10f0d87cecdd308cc2ccc0eb7bd815d33fa4fa3deac19c8f4e1be090fb5cd

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: text/html
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=496
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 166D 1 KB
998 B 18ms
9ms Document
text/html 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"61ddbb71-5f5"
expires: Thu, 02 Mar 2028 17:17:56 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: 987841a3b9cf77ae417eeb6cc396cb43
x-cf-tsc: 1677950277
x-cf1: 29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 204 /
onetag-sys.com/usync/ Frame 47B8 0
0 19ms
11ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5927d926323dc2c

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame BCA5 760 B
779 B 56ms
48ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec4cd946d00e2d74c0b2d0af9d899027b2611fe2003759573f674076e61d60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 7fa0db0ffcbe4da6-FRA
content-encoding: br
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 98D0 0
0 72ms
47ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://businessua.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 0399
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAAATNRVABV&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV

35 B
250 B

56ms
33ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAAATNRVABV&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAAATNRVABV&gdpr=&gdpr_consent=&_test=ZOMFqwAAATNRVABV
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1692599724.620925,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 583F 170 B
188 B 31ms
22ms Document
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zMzc5ZjA1Zi1kZTM3LTQxMGItOWZiNy1lNTE4OGYzMWYyNTk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C724 15 KB
6 KB 11ms
10ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 231B 70 B
264 B 35ms
34ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 2CAD
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjXQAAAAA

35 B
250 B

32ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjXQAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:24 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjXQAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 1
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad401.dc4p.scaleout.jp
X-SO-IP: 80.255.10.202
X-SO-Key: ZOMFrMCo8YEAAJarjXQAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZOMFrMCo8YEAAJarjXQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad401"}
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad401

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame 2B56 20 B
189 B 294ms
98ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame D833
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

35 B
250 B

119ms
37ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT Mon, 21 Aug 2023 06:35:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FE40
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

20ms
20ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7522243935603274608/ Frame 4506 6 KB
6 KB 41ms
35ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7522243935603274608/14763004658117789537?w=195&h=102&tw=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a4b3eb2e6b3172adbd1396b0fbe4f511f476c075faee634a6f786ae093c9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6500
x-xss-protection: 0
last-modified: Mon, 26 Dec 2022 18:11:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Aug 2024 06:35:23 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5248041926059283702/ Frame 8A79 125 KB
125 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5248041926059283702/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d50edb793843f94c83c854d19285f3658f6d64236d37f51996ab1f4e8ce68ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:32:10 GMT
x-content-type-options: nosniff
age: 226993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128206
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 07:19:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Aug 2024 15:32:10 GMT

GET
DATA 200
OK truncated
/ Frame 8A79 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8A79 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C6B9
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

35 B
250 B

61ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 6aea9289-e1b9-4a47-aedb-9db89746aa63
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame C6B9
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=avYxxmz3NZdx-zKWZfJ5xjr2ZMZx-zXMOfXd_Lvl

43 B
145 B

10ms
10ms

Image
image/gif

3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=avYxxmz3NZdx-zKWZfJ5xjr2ZMZx-zXMOfXd_Lvl
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=avYxxmz3NZdx-zKWZfJ5xjr2ZMZx-zXMOfXd_Lvl
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame C6B9
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

101ms
86ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache
X-TraceId: 1ffd079f73793c1ec05f01dd4b66ac28
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Mon, 21 Aug 2023 06:35:24 GMT
X-TraceId: 8c764a425e275870009f55029dafe028
Content-Length: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C6B9 43 B
120 B 32ms
15ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C6B9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

35 B
250 B

37ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Date: Mon, 21 Aug 2023 06:35:23 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame C6B9 43 B
426 B 73ms
39ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C6B9
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=7df6ad57-140c-4d80-acb6-f5cfe69c410a

35 B
250 B

31ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=7df6ad57-140c-4d80-acb6-f5cfe69c410a
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=7df6ad57-140c-4d80-acb6-f5cfe69c410a
Date: Mon, 21 Aug 2023 06:35:23 GMT
Connection: keep-alive
X-CI-RTID: 7c0870ac-a32c-43be-b55e-32ea646b7ff9
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame C6B9 0
16 B 225ms
95ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:22 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C6B9
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

31ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H2 200 server_match
ad.360yield.com/ Frame C6B9 43 B
198 B 58ms
39ms Image
image/gif 54.72.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.199.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame C6B9
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=PwdElUWVT5fc&ev=1&pid=558355

35 B
250 B

35ms
35ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=PwdElUWVT5fc&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=PwdElUWVT5fc&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-cdb79dd64-gnn4h
expires: -1

GET
H/1.1 404
Not Found sync
ssbsync.smartadserver.com/api/ Frame C6B9 9 B
132 B 37ms
20ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 um
sync.e-planning.net/ Frame C6B9 42 B
103 B 38ms
19ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=437f72dac62c6c49&uid=e_3379f05f-de37-410b-9fb7-e5188f31f259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5942 284 B
536 B 52ms
12ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 7FDA 4 KB
1 KB 38ms
35ms Document
text/html 34.242.87.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.87.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-87-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d89e8fd1059d6a8a7b0d9835d0a82199f355774ad0d5c518d85cb083b1b97d90

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"023d3e0c49d633340783f53d2b4a9773f"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CE42 37 B
139 B 14ms
11ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 adxcm.aspx Show response
inv-nets.admixer.net/ Frame B2CE 43 B
314 B 19ms
17ms Document
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AMm72uiC9zMlQYVr

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
keep-alive: timeout=25
p3p: CP="NID DSP ALL COR"
server: nginx
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3903 284 B
536 B 46ms
11ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 4DA1
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic

43 B
473 B

281ms
89ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Etag: 183b807fcc154014
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT Mon, 21 Aug 2023 06:35:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic
pragma: no-cache

GET
H2 200 cookie Show response
cm.adform.net/ Frame 5E45 43 B
105 B 26ms
21ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 3A42
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014

43 B
453 B

86ms
85ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 183b807fcc154014
Content-Length: 0

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame A481
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic

43 B
473 B

268ms
89ms

Document
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Etag: 183b807fcc154014
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT Mon, 21 Aug 2023 06:35:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=H4MfcghlkXk0IM63mu8U&pi=admatic
pragma: no-cache

GET
H2 200 cookie Show response
cm.adform.net/ Frame 313B 43 B
105 B 28ms
24ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 18EA
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014

43 B
453 B

85ms
85ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 3d39e6df8b7964a9
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=183b807fcc154014
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Adtelligent
Etag: 183b807fcc154014
Content-Length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F070 284 B
536 B 35ms
12ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame E162 43 B
855 B 200ms
117ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 41ZBN4JVSXM7EKK8XNG9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E162
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOMFqxm6LbaPmu.dTkmN8gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2

43 B
741 B

29ms
28ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIejAOZ3mq2FbCC0ocYTX9vsowULSMqf7Ii5%2BuQnD6kYcKBnf%2BpmeR9DV6tQhJJMQgE7ZsjOGth%2F1ak%2Bc0n%2BquImP95E9%2F%2FOVJ0ulQgdcIt2Ta7BJqyiAPOej59IC%2FpaRG%2Bpw1GSQl7ATg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db12eef41d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKZAnre__QwKVtaAt7lLeg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame E162
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1

43 B
632 B

12ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENq9rQjrqKjb4vvTQ5rM25Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E162 70 B
264 B 41ms
35ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E162
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
733 B

25ms
25ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSgsK6dgsoVJ8j8gNyvlXFI8ZXevuPnevaSRpLHi8RrqRh0h1zKT6RHTcB7aYXEfy0WWkHAN9xXTDgpF%2BCerBtONCUY2sV17znX%2Fxk2MnPJsUwXaQXEtfuoobyBIPejcTDnjZ2Nf1QeTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db130f161d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Mon, 21 Aug 2023 06:35:23 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H3

200

crum
dsum.casalemedia.com/ Frame E162
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556

43 B
724 B

22ms
22ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfMZgeW9d69xdFxWYqqTxZqtcIa5k8GMuBF%2B3xNKTD2YJzuy1J8GKWIaBTz7N286RS9vPuf187hKW8dOS2yL7HMb4gikMGu4%2F65UGY70ZpC5sbRDQZEe8DkN58Q24FCzNPHhNHOF"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fa0db130f171d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5ef1dea9-3d79-cd45-09fe7556
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame E162 0
15 B 20ms
13ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZOMFqxm6LbaPmu-dTkmN8gAADRIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame E162 43 B
649 B 126ms
20ms Image
image/gif 2.21.20.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZOMFqxm6LbaPmu.dTkmN8gAA%263346&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1692599723734089-517
Expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 200 um
u-ams03.e-planning.net/ Frame E162 42 B
103 B 22ms
15ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=9affd90f022e513e&uid=ZOMFqxm6LbaPmu.dTkmN8gAA%263346
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E156
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV

35 B
250 B

35ms
35ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=&_test=ZOMFqwAG9zxR9gBV
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1692599724.708686,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 9694 170 B
188 B 30ms
21ms Document
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 807B 15 KB
6 KB 28ms
13ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 5E33 70 B
264 B 54ms
41ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 0781
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8XoAAC315PMAAAAA

35 B
250 B

33ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8XoAAC315PMAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:24 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8XoAAC315PMAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad384.dc4p.scaleout.jp
X-SO-IP: 80.255.10.202
X-SO-Key: ZOMFrMCo8XoAAC315PMAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZOMFrMCo8XoAAC315PMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad384"}
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad384

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame E17B 20 B
189 B 275ms
90ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 9C7E
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

35 B
250 B

72ms
36ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT Mon, 21 Aug 2023 06:35:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1B4D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

12ms
10ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 4D34 43 B
363 B 95ms
25ms Document
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Mon, 21 Aug 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 336157
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame A9F1 43 B
855 B 255ms
182ms Document
image/gif 52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=51028780-68B3-433A-8622-5829C1EB2D3F&redir=true&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SB4ZHDZFVWK6TKK0RHGJ

GET
H2

200

cs Show response
cs.yellowblue.io/ Frame E259
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xDnTHcI410zfNNBKkW6bGpc5hxnfaYQdxj_Z3--L
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9

0
321 B

36ms
31ms

Document
application/javascript

54.77.204.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.77.204.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-204-84.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ads.pubmatic.com/
content-length: 0
content-type: application/javascript
date: Mon, 21 Aug 2023 06:35:23 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0

Redirect headers

content-length: 100
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:21 GMT
location: https://cs.yellowblue.io/cs?aid=11576&id=ef9f601d57fe4b11b5c5faa3947ff8e9
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame E1C3
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5538126985213991769&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7256981412382245317&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bfc44793-c7fd-48de-afcf-538ceda8f802&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5538126985213991769
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
0

15ms
14ms

Document
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 2C6A 43 B
473 B 96ms
92ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 63E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UQKHgGizQzqGIlgpwestPw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

11ms
10ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=74601
accept-ranges: bytes
content-length: 5606
expires: Tue, 22 Aug 2023 03:18:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 63E3 49 B
265 B 42ms
36ms Image
image/gif 34.241.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.174
content-length: 49
expires: 0

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame 63E3
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51028780-68B3-433A-8622-5829C1EB2D3F

0
17 B

16ms
15ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H3
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
last-modified: Mon, 21 Aug 2023 06:35:24 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51028780-68B3-433A-8622-5829C1EB2D3F
date: Mon, 21 Aug 2023 06:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 63E3
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=51028780-68B3-433A-8622-5829C1EB2D3F
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NTdtMGU1cXR0dzVUV1NoSy1qcHhqd3llQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=35027868504681717&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

92ms
91ms

Image
image/png

54.174.89.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Server: 54.174.89.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-89-161.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubmatic
um.simpli.fi/ Frame 63E3 43 B
610 B 77ms
21ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 20 Aug 2023 06:35:23 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 63E3 70 B
264 B 43ms
38ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 63E3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=35027868504681717
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
106 B

12ms
12ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 51028780-68B3-433A-8622-5829C1EB2D3F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 63E3 43 B
425 B 60ms
40ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/51028780-68B3-433A-8622-5829C1EB2D3F?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 63E3 0
15 B 20ms
16ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=51028780-68B3-433A-8622-5829C1EB2D3F&redir=true&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/ Frame 63E3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=0047e83e-3817-4af4-a770-e959e1b3071f&expires=1&user_group=2&ssp=pubmatic&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=0&gdpr_consent=&gdpr_pd=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=0&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

0
187 B

28ms
13ms

Image
text/plain

98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
date: Mon, 21 Aug 2023 06:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 104
content-type: text/html; charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 98D0 12 B
100 B 23ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=businessua.com&callback=_gfp_s_&client=ca-pub-4577254435597104&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80DF 127 KB
41 KB 483ms
475ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=8309780813&adk=1515617927&adf=2751417942&pi=t.ma~as.8309780813&w=240&lmt=1692592523&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&wgl=1&dt=1692599723189&bpp=14&bdt=266&idt=416&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2120825259&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=194&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44798934&oid=2&pvsid=3224536047048465&tmod=402180048&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.m35ab6d21u3&fsb=1&dtd=438

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0a9e46b51a35ed66df52c4a5ad31b2a5d03a4bcb4167945ad49715bac474494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 98D0 15 KB
11 KB 71ms
68ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67933ebbc800d176d36a57e64ab5a28131909e73d9753c71878e6fa112e47817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11706
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 864C 34 KB
10 KB 12ms
12ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24000
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FE40 34 KB
10 KB 12ms
12ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24000
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame BCA5
Redirect Chain

https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Deb1...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361

95 B
154 B

40ms
38ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db128fa94da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361
date: Mon, 21 Aug 2023 06:35:23 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame BCA5 95 B
154 B 42ms
41ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db10ede34da6-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame BCA5 557 B
420 B 39ms
39ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5af54c80c3d53db49459706d98e7ae8a3d49b6c5916f8549bc8a434a8a763ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 7fa0db125f824da6-FRA
access-control-allow-headers: *

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame D0F9 58 KB
18 KB 14ms
13ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
content-encoding: gzip
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68413
x-amz-server-side-encryption: AES256
etag: W/"0c967603b7e4d32b78b7ca772270a5c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: t1htx2FlSAwjic-WsR7NiB9dOQnOkYkz1owpxST7Z7nUI1lxKL2X8A==

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7FDA
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

35 B
250 B

31ms
31ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
an-x-request-uuid: 3cca70fc-74c6-43ac-95d6-45a521bdbcfe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 7FDA
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=KiO2oSwisvAxLrX2f3T-pnkj4qUxc-GhKCVWPkUm

43 B
145 B

9ms
8ms

Image
image/gif

3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=KiO2oSwisvAxLrX2f3T-pnkj4qUxc-GhKCVWPkUm
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=KiO2oSwisvAxLrX2f3T-pnkj4qUxc-GhKCVWPkUm
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame 7FDA
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(rDUP10bghUto7W6Igu0ih-x4hzH6wjhdqin7eQHC8nDMsxfo5Hhs2lsrgFC815Pa)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

159ms
86ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache
X-TraceId: 33b59ad9a9cd62a4c55a9ae32e2374a1
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Mon, 21 Aug 2023 06:35:24 GMT
X-TraceId: ec940138da17d5ad2f6d2b2e45054e4f
Content-Length: 0

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 7FDA 43 B
75 B 37ms
33ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7FDA
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

35 B
250 B

46ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Date: Mon, 21 Aug 2023 06:35:23 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 7FDA 43 B
425 B 41ms
33ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7FDA
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd

35 B
250 B

43ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd
Date: Mon, 21 Aug 2023 06:35:23 GMT
Connection: keep-alive
X-CI-RTID: d5391786-15b8-4d12-9fc4-54bf6c2a11dd
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 7FDA 0
39 B 101ms
93ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7FDA
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

32ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H2 200 server_match
ad.360yield.com/ Frame 7FDA 43 B
198 B 42ms
34ms Image
image/gif 54.72.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.199.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7FDA
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=RsqZNn12fCG2&ev=1&pid=558355

35 B
250 B

30ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=RsqZNn12fCG2&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=RsqZNn12fCG2&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-cdb79dd64-gnn4h
expires: -1

GET
H/1.1 404
Not Found sync
ssbsync.smartadserver.com/api/ Frame 7FDA 9 B
132 B 22ms
17ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 um
sync.e-planning.net/ Frame 7FDA 42 B
103 B 24ms
18ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=9affd90f022e513e&uid=e_3379f05f-de37-410b-9fb7-e5188f31f259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:23 GMT
content-type: image/gif

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ Frame 0F79 392 KB
132 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=businessua.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70adb2d1dc931fc47995cb49d651c51f7615222fa5a6ff577df3ef9c94360374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134731
x-xss-protection: 0
server: cafe
etag: 4996185458499982752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:23 GMT

GET
H2 204 logcz.aspx
inv-nets.admixer.net/ 0
125 B 11ms
11ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=6037660f-2a55-48a2-a35a-18f210643bbc

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1B4D 34 KB
10 KB 14ms
13ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:23 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24000
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 4B3C 4 KB
1 KB 38ms
36ms Document
text/html 34.242.87.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.87.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-87-156.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d89e8fd1059d6a8a7b0d9835d0a82199f355774ad0d5c518d85cb083b1b97d90

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 21 Aug 2023 06:35:23 GMT
etag: W/"023d3e0c49d633340783f53d2b4a9773f"
server: nginx
timing-allow-origin: *

GET
H2 200 sync Show response
eb2.3lift.com/ Frame B0BC 37 B
139 B 14ms
12ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame E407 43 B
453 B 88ms
87ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AMm72uiC9zMlQYVr
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H2 204 logcz.aspx
inv-nets.admixer.net/ 0
125 B 14ms
12ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=9926893a-1688-4dd9-afb4-d173bd8a3a4d

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:23 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame FB2E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=

35 B
250 B

33ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1692599724.948068,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 1782 170 B
188 B 30ms
23ms Document
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4FF7 15 KB
6 KB 16ms
12ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74601
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 5FF2 70 B
264 B 38ms
35ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame EFEA
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YwAAA481vkAAAAA

35 B
250 B

33ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YwAAA481vkAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:24 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YwAAA481vkAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 1
X-SO-Cluster-ID: 0
X-SO-HostName: a-ad40249.dc2p.scaleout.jp
X-SO-IP: 80.255.10.202
X-SO-Key: ZOMFrMCo8YwAAA481vkAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZOMFrMCo8YwAAA481vkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40249"}
X-SO-LB-Hostname: m-tgng40.dc4p.scaleout.jp
X-SO-Upstream-ID: a-ad40249

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame 3679 20 B
189 B 93ms
91ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Mon, 21 Aug 2023 06:35:23 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 0179
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

35 B
250 B

35ms
35ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT Mon, 21 Aug 2023 06:35:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6F55
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

21ms
20ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 cms-2c-rubicon.html Show response
cti.w55c.net/ct/ Frame AC3C 52 KB
13 KB 75ms
17ms Document
text/html 2600:9000:2117:ee00:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/cms-2c-rubicon.html

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2117:ee00:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eus.rubiconproject.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 336362
cache-control: must-revalidate
content-encoding: gzip
content-type: text/html
date: Thu, 17 Aug 2023 09:10:32 GMT
etag: W/"7549d51888f0142460ac70be66758bc9"
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
x-amz-cf-id: w2frEG7V7S9wWdSb39hAtf1kJdO1_N5SCbsrmXbTHU3sAhnsFF8Yjw==
x-amz-cf-pop: CDG50-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: eM8rKv5bLrMqGrCvH619GCOhuiLqCbex
x-cache: Hit from cloudfront

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5942 0
239 B 73ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 logcz.aspx
inv-nets.admixer.net/ 0
125 B 8ms
8ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=f908f676-c639-4e79-a9c4-e17a0b475084

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:24 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 864C 284 B
536 B 10ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FE40 284 B
536 B 10ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 media.min.js Show response
a4p.adpartner.pro/apstc/ Frame 05F6 15 KB
4 KB 26ms
26ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.458
Requested by: Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=658&unit_id=7360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 68af52b37053d7a12a8776f8b8734fd8494f5d2650e957d464bbd0117abbb782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: no-store no-transform
content-encoding: br
last-modified: Fri, 18 Aug 2023 14:13:37 GMT
server: nginx
etag: W/"64df7c91-3ad8"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame 9E56 0
0 438ms
438ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F&referer=http%3A%2F%2Fbusinessua.com%2F
Requested by: Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=658&unit_id=7360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store no-transform
date: Mon, 21 Aug 2023 06:35:24 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/media/ Frame D7F8 5 KB
2 KB 26ms
26ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media/ls?mediaunit=7360&apuid=9a0d2de9-d435-4a58-95ad-8a3ba8650093&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F
Requested by: Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=658&unit_id=7360
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 3f4a583ff1973d2f6da2273d89c8ee8b0519c5cf44983f05eede9afbd43d82cf

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:24 GMT
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 98D0 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 06:35:24 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 4B3C
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769

35 B
250 B

32ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
an-x-request-uuid: 1dc0786a-ec83-4db1-9e7d-28d7ac5e264d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=5538126985213991769
x-proxy-origin: 80.255.10.202; 80.255.10.202; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 4B3C
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6c15dfb3-7490-4df2-b13b-22e827833ed4&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=0fe568ef-1c0c-4c34-9894-0966d77919fa&ssp=gumgum2&expires=30&user_group=5&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4

43 B
145 B

8ms
8ms

Image
image/gif

3.127.96.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=4&user_id=0fe568ef-1c0c-4c34-9894-0966d77919fa&ssp=gumgum2&expires=30&user_group=5&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Server: 3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=4&user_id=0fe568ef-1c0c-4c34-9894-0966d77919fa&ssp=gumgum2&expires=30&user_group=5&bsw_param=6c15dfb3-7490-4df2-b13b-22e827833ed4
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

syncPlatform
sync.outbrain.com/ Frame 4B3C
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3379f05f-de37-410b-9fb7-e5188f31f259&obuid=ENC(S5YIlTT9PiyUnf7n3ixrtlF9ZyFDV-oSKiP_ijLKKDDZPLp5Ngzf4DIsC6haY-kl)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

88ms
87ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache
X-TraceId: 905724fd26f8c7a64c2a212fa10dd888
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Mon, 21 Aug 2023 06:35:24 GMT
X-TraceId: c16173c665f25b5c8625cefc4d10d57f
Content-Length: 0

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 4B3C 43 B
75 B 20ms
18ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 4B3C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202

35 B
250 B

30ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d$ip$80.255.10.202
Date: Mon, 21 Aug 2023 06:35:24 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 4B3C 43 B
425 B 85ms
83ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 4B3C
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd

35 B
250 B

36ms
35ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=99d11e34-5da6-4195-8303-79f3d32605dd
Date: Mon, 21 Aug 2023 06:35:24 GMT
Connection: keep-alive
X-CI-RTID: fec2bddc-7303-4064-b8b8-aceda47c0011
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 4B3C 0
16 B 93ms
91ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 4B3C
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

34ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H2 200 server_match
ad.360yield.com/ Frame 4B3C 43 B
198 B 35ms
32ms Image
image/gif 54.72.199.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.199.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-199-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:24 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 4B3C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=u8oJMu0ZqNYt&ev=1&pid=558355

35 B
250 B

30ms
30ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=u8oJMu0ZqNYt&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=u8oJMu0ZqNYt&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-cdb79dd64-gnn4h
expires: -1

GET
H/1.1 404
Not Found sync
ssbsync.smartadserver.com/api/ Frame 4B3C 9 B
132 B 14ms
12ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 um
sync.e-planning.net/ Frame 4B3C 42 B
103 B 15ms
13ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=9affd90f022e513e&uid=e_3379f05f-de37-410b-9fb7-e5188f31f259
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server: openresty
date: Mon, 21 Aug 2023 06:35:24 GMT
content-type: image/gif

GET
H2 200 ev_view.aspx
inv-nets.admixer.net/ 43 B
190 B 9ms
8ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FBE%2F2950159&am-uid=ef9f601d57fe4b11b5c5faa3947ff8e9&cet=9&zone=F908F676-C639-4E79-A9C4-E17A0B475084&rule=753B1D54-DC79-47B3-BD71-2DCFE31C80F6&requestId=2f28fa65-0d45-4e93-bff1-83d99b8a0dca&hp=117228568&page=businessua.com%2F&pvid=71dce052-35ea-4ed1-94b1-60778f802f88&inst=ADS-EU-4&ts=638281965227597644&sf=0

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
keep-alive: timeout=25
content-length: 43
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4506 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d94e9c57387ee59b251b2098475f773e5843c41b2716af6738be24d4c004e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6F55 34 KB
10 KB 9ms
9ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23999
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H2 204 logcz.aspx
ads.go2net.com.ua/ 0
125 B 7ms
7ms Image
text/plain 146.0.227.107
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.go2net.com.ua/logcz.aspx?zone=864179e2-8571-48eb-841c-bca0cd1d9c3e

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:24 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5942
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2UBEUiKFQOq7oe2MwqCjsA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2UBEUiKFQOq7oe2MwqCjsA

43 B
479 B

33ms
33ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2UBEUiKFQOq7oe2MwqCjsA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6Q6CRG3SWH90ECXZEYSC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2UBEUiKFQOq7oe2MwqCjsA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5942
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKNOdIOYXNPDDKAlqodRx-M&google_cver=1

0
239 B

16ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKNOdIOYXNPDDKAlqodRx-M&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKNOdIOYXNPDDKAlqodRx-M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5942 0
214 B 9ms
8ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5942 0
239 B 9ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5942 0
214 B 11ms
10ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK rp
match.prod.bidr.io/cookie-sync/ Frame 5942 43 B
433 B 30ms
29ms Image
image/gif 52.212.242.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.242.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-242-190.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5942
Redirect Chain

https://rbp.mxptint.net/sn.ashx
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_107BE7E14_11B34E646&expires=60

0
239 B

9ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_107BE7E14_11B34E646&expires=60
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R33646_107BE7E14_11B34E646&expires=60
Date: Mon, 21 Aug 2023 06:35:24 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-375604502; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 228
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1B4D 284 B
536 B 9ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 32D1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=

35 B
250 B

32ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 21 Aug 2023 06:35:24 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZOMFqwAG9zxR9gBV&gdpr=&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1692599724.105744,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 0883 170 B
188 B 27ms
18ms Document
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 064D 15 KB
6 KB 7ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74600
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 21 Aug 2023 06:35:24 GMT
expires: Tue, 22 Aug 2023 03:18:44 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 82CE 70 B
264 B 31ms
31ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1E0C
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjYcAAAAA

35 B
250 B

36ms
35ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjYcAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:24 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZOMFrMCo8YEAAJarjYcAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 3
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad40.dc4p.scaleout.jp
X-SO-IP: 80.255.10.202
X-SO-Key: ZOMFrMCo8YEAAJarjYcAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZOMFrMCo8YEAAJarjYcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad40"}
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad40

GET
H/1.1 400
Bad Request gumgum Show response
cs.admanmedia.com/sync/ Frame C2D2 20 B
189 B 90ms
90ms Document
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Mon, 21 Aug 2023 06:35:24 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame D785
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum

35 B
250 B

33ms
33ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 21 Aug 2023 06:35:24 GMT Mon, 21 Aug 2023 06:35:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=H4MfcghlkXk0IM63mu8U&pi=gumgum
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E990
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

9ms
8ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D9affd90f022e513e%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 06:35:24 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 21 Aug 2023 06:35:24 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
DATA 200
OK truncated
/ Frame 8A79 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 051a3711514a1d8e5e925eb08e886d40d23a14e305ff4982e8c808cdac888b09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8A79 33 KB
34 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 436856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:14:28 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0F79 12 B
53 B 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 457B 37 KB
16 KB 189ms
189ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81544b6d57310230c6737a29264d402090f89fd4f69c5cf2ddef8ef89526b265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16044
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0F79 15 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744efb4de5c611a78687573c16aae4f4deef00f9d7f06295e9f251d91b612e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11737
x-xss-protection: 0

GET
H2 200 cms-2-rubicon.min.js Show response
cti.w55c.net/ct/ Frame AC3C 8 KB
3 KB 16ms
15ms Script
application/javascript 2600:9000:2117:ee00:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/cms-2-rubicon.min.js

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2117:ee00:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cti.w55c.net/ct/cms-2c-rubicon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: 4wUy6FG8mI1tQq9b3POfj8uoA5V85xC6
content-encoding: gzip
via: 1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
date: Fri, 18 Aug 2023 17:41:12 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: CDG50-C1
age: 219253
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"d7ff0f4ef590b94bd79fc9b61a13ef4e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: fXXdixgFOWjw-N1PPZTRN1uf3BTPHKT_ra0TcXnbaWFrIp9rEgwung==

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame FE40 0
239 B 9ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 css
fonts.googleapis.com/ Frame 80DF 4 KB
671 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=8309780813&adk=1515617927&adf=2751417942&pi=t.ma~as.8309780813&w=240&lmt=1692592523&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&wgl=1&dt=1692599723189&bpp=14&bdt=266&idt=416&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2120825259&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=194&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44798934&oid=2&pvsid=3224536047048465&tmod=402180048&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.m35ab6d21u3&fsb=1&dtd=438

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 05:53:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 06:35:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 80DF 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 80DF 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 20:49:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 80DF 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 80DF 0
0 16ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7w_esZo204k2OXsnvuHTXj3K0w7xJxd1ABSE5sNFS85kKmE8GzYY8FBSlwbI8ArJtg4d0Ag7REgLrsBxEw519JQlhMg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=8309780813&adk=1515617927&adf=2751417942&pi=t.ma~as.8309780813&w=240&lmt=1692592523&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&wgl=1&dt=1692599723189&bpp=14&bdt=266&idt=416&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2120825259&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=194&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44798934&oid=2&pvsid=3224536047048465&tmod=402180048&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.m35ab6d21u3&fsb=1&dtd=438
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80DF 180 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:24 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 80DF 35 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 14:52:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4506 15 KB
15 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:21:37 GMT
x-content-type-options: nosniff
age: 490427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 14:21:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4506 15 KB
16 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 156427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 11:08:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4506 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 376028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E990 34 KB
10 KB 9ms
8ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 06:35:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Aug 2023 13:16:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23999
Connection: keep-alive
Content-Length: 10116
Expires: Mon, 21 Aug 2023 13:15:23 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D7F8 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7360&apuid=9a0d2de9-d435-4a58-95ad-8a3ba8650093&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 05:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2741
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 21 Aug 2023 07:49:43 GMT

POST
H2 200 media Show response
a4p.adpartner.pro/ Frame D7F8 1 KB
481 B 30ms
30ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media?id=7360&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7360&apuid=9a0d2de9-d435-4a58-95ad-8a3ba8650093&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 73f6ba54ac390cf8ee9e9261986e015bb1356d0a7367d62e1efc776891332d39

Request headers

Referer: https://a4p.adpartner.pro/media/ls?mediaunit=7360&apuid=9a0d2de9-d435-4a58-95ad-8a3ba8650093&session_pageview=1&session_id=4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b&site_visited=1&location=http%3A%2F%2Fbusinessua.com%2F
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8A79
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1iVKqgXjZJS9L42aiQb6hbH4CZyhsLhyxbmAoccRqpf-3uY_EAEgrOT2CGCVqp-CsAegAciQjr0DyAEJqQI9mh0vtj2yPqgDAcgDywSqBMcBT9Bcmd73Z-Wdd3Agqf_0Yf3asHaYiOpqTLL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212906541757908357446%22,%22debug_reporting%22:true,%22destination%22:%22https://brillen.de%22,%22event_report_window%22:%2...

0
0

57ms
40ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212906541757908357446%22,%22debug_reporting%22:true,%22destination%22:%22https://brillen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22933464136%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214805264933602068241%22}&andc=true

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12906541757908357446","debug_reporting":true,"destination":"https://brillen.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["933464136"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"14805264933602068241"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 06:35:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12906541757908357446","debug_reporting":true,"destination":"https://brillen.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["933464136"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"14805264933602068241"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6F55 284 B
536 B 10ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4506
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcR7vqgXjZJmVLvaNiQau166YAbnp45ty9sPkrqoRj_SQ49cCEAEgrOT2CGCVqp-CsAegAZbm448pyAEJqQI9mh0vtj2yPqgDAcgDywSqBNcBT9AmBQB5DQIECCH9LJi3wdowCUOaaKCxREp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210305800974827408555%22,%22debug_reporting%22:true,%22destination%22:%22https://rhein-ruhr-solartechnik.de%22,%22event_rep...

0
0

53ms
41ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210305800974827408555%22,%22debug_reporting%22:true,%22destination%22:%22https://rhein-ruhr-solartechnik.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211038946070%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210021055117726806081%22}&andc=true

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10305800974827408555","debug_reporting":true,"destination":"https://rhein-ruhr-solartechnik.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11038946070"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"10021055117726806081"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 06:35:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10305800974827408555","debug_reporting":true,"destination":"https://rhein-ruhr-solartechnik.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11038946070"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"10021055117726806081"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3240 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:15:30 GMT
expires: Tue, 20 Aug 2024 06:15:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B94 829 B
1 KB 40ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

603301ca857f0d7e31c6b84bf41e4d6d9058d2854cc60c2fa6e7f85f19599c91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P6Ka1v6_OJTjhkimlaB0VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-P6Ka1v6_OJTjhkimlaB0VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:24 GMT
expires: Mon, 21 Aug 2023 06:35:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F79 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 06:35:24 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AF0 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 16:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 16:23:46 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BBA 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 16:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 16:23:46 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E990 284 B
536 B 9ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
42ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200

match-result
tags.w55c.net/ Frame AC3C
Redirect Chain

https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDVjTTNnYkcxUXhZdng1&google_cm
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1

42 B
609 B

35ms
8ms

Image
image/gif

3.122.33.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html

Protocol

HTTP/1.1

Server

3.122.33.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-122-33-96.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2964
tags.bluekai.com/site/ Frame AC3C 62 B
425 B 260ms
260ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2964?id=05cM3gbG1QxYvx5
Requested by: Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cti.w55c.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 21 Aug 2023 06:35:24 GMT
content-length: 62
content-type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7359 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Mon, 21 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 80DF 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 80DF
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

8ms
8ms

Image
image/png

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:28:20 GMT
x-content-type-options: nosniff
age: 169624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 07:28:20 GMT

Redirect headers

date: Mon, 21 Aug 2023 03:58:52 GMT
x-content-type-options: nosniff
server: cafe
age: 9392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Sep 2023 03:58:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 80DF 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 479350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:26:14 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 80DF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 951fdee90d634d89a2dc2140bd1afaf1248477098b9c439650406ccdbd982d56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D6E 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:15:30 GMT
expires: Tue, 20 Aug 2024 06:15:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BF6 829 B
561 B 20ms
19ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94d72e33cc069497ce3b8dfed8aa61ace94356301bb7b75817a829e48423f399

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-38jPYkN99j1UTcN3GTiKZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://businessua.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-38jPYkN99j1UTcN3GTiKZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:24 GMT
expires: Mon, 21 Aug 2023 06:35:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 457B 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 20:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 20:49:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 457B 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 14:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 14:52:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 457B 0
0 16ms
15ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT80rfPGvCHHOaN4lLGNf91VQIjpgJA333NmstvO1l_2yFLr16USZNxkLrRvkzUUwVkpST0rcQUTf4qaM-kU53eeY9Elg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 457B 180 KB
56 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Aug 2023 06:35:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7359
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmSDscrLM87gr7xYVALi9G3fN3tszv...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmSDscrLM87gr7xYVALi9G3fN3tszvpODuIBPuT7twHqKUhwQoPXsRXVeVvc1c_TNhNqolmSxGys2WVlY7h6OTTqZgk-KSDS7GRB

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1692599725.516471,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmSDscrLM87gr7xYVALi9G3fN3tszvpODuIBPuT7twHqKUhwQoPXsRXVeVvc1c_TNhNqolmSxGys2WVlY7h6OTTqZgk-KSDS7GRB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7359
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENaddOD0bByBpsjqCK5p9c8&google_cver=1&google_push=AXcoOmRD7m0iFT4WKvPqRPWWU30jQrGn3lLp4o_4aKMso5BYflPfZn5Ls1dDcJ-2f0nDB4IHgC9tveJGibD...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRD7m0iFT4WKvPqRPWWU30jQrGn3lLp4o_4aKMso5BYflPfZn5Ls1dDcJ-2f0nDB4IHgC9tveJGibDvc_U_ShWK5mWzGK0rRUUm&google_hm=kN1-wudYSW6KU9tX...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRD7m0iFT4WKvPqRPWWU30jQrGn3lLp4o_4aKMso5BYflPfZn5Ls1dDcJ-2f0nDB4IHgC9tveJGibDvc_U_ShWK5mWzGK0rRUUm&google_hm=kN1-wudYSW6KU9tXpSH3Uso

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRD7m0iFT4WKvPqRPWWU30jQrGn3lLp4o_4aKMso5BYflPfZn5Ls1dDcJ-2f0nDB4IHgC9tveJGibDvc_U_ShWK5mWzGK0rRUUm&google_hm=kN1-wudYSW6KU9tXpSH3Uso
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7359 0
173 B 45ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEI-Wa2xi5eDiKhvwIwcc7Ng&google_cver=1&google_push=AXcoOmRs_sOvBCSupavBLmy7kcZeVE9nNkSEx2gL4Gfhr9vE5LQOiJG3gjUF0DDYXAxhriznj922GfJZ5qYzcwxsVz2JZJ7b6gIiZp_W
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=400&slotname=8309780813&adk=1515617927&adf=2751417942&pi=t.ma~as.8309780813&w=240&lmt=1692592523&format=240x400&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&wgl=1&dt=1692599723189&bpp=14&bdt=266&idt=416&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2120825259&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=194&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077148%2C44798934&oid=2&pvsid=3224536047048465&tmod=402180048&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.m35ab6d21u3&fsb=1&dtd=438
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7359
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECchiKKVKzVuXHmSFZmklHs&google_cver=1&google_push=AXcoOmS8CnZ6mRPT_4iLEuvqAvVHPUQnKVEKieQo0PFlAo791updXwWUeuDOe16zaJK2YdXu_TQmtYF7QZ_tVJ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTY2MDQ1NTUwODI0NDY0MA%3D%3D&google_push=AXcoOmS8CnZ6mRPT_4iLEuvqAvVHPUQnKVEKieQo0PFlAo791updXwWUeuDOe16zaJK2YdXu_TQmtYF7QZ_tVJiqXr...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTY2MDQ1NTUwODI0NDY0MA%3D%3D&google_push=AXcoOmS8CnZ6mRPT_4iLEuvqAvVHPUQnKVEKieQo0PFlAo791updXwWUeuDOe16zaJK2YdXu_TQmtYF7QZ_tVJiqXrTHGc0m0mG3sik-

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTY2MDQ1NTUwODI0NDY0MA%3D%3D&google_push=AXcoOmS8CnZ6mRPT_4iLEuvqAvVHPUQnKVEKieQo0PFlAo791updXwWUeuDOe16zaJK2YdXu_TQmtYF7QZ_tVJiqXrTHGc0m0mG3sik-
Date: Mon, 21 Aug 2023 06:35:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 adx
pr-bh.ybp.yahoo.com/sync/ Frame 7359 43 B
425 B 35ms
33ms Image
image/gif 2a05:d018:d29:3601:3875:a2f1:5d10:86ec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhJ7mSA5eZeIA4o__Df5QY&google_cver=1&google_push=AXcoOmQicMaGcA1KvHHZr1SkAO9dcBVSMLQ4ah9WE38vHmsGsyqAYvcKVCxVugV9XXR8j4prxzxdLIwICswTccO8d5aioAVwJkWIqVsX

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3875:a2f1:5d10:86ec Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7359
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECB0KP0qp-dpHuxhNsW9gYs&google_cver=1&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTO...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECB0KP0qp-dpHuxhNsW9gYs&google_cver=1&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIW...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTOyWcjDJTE

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTOyWcjDJTE

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSwNuu7D2Yec8ZkzZCiiXH1YAYQPrtUZA6Cub0v3zvB2l2hcILk4P_3fUzj9DTDxuwU1aywGc8sdnPrv2UI8UKIWTOyWcjDJTE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7359 43 B
362 B 23ms
21ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSZ2U1_8CKlGrBe9gmJnI2NvxwRG4Cojg76wdxY7c6BMZdUngWWcTpEdqfEQSjtXOcYpS7G3Z5jRO5Y76EDwwPNtAVPwngqHa86&google_gid=CAESEFQxHAQwfTSmR_mueEyLAoQ&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 186769
expires: Mon, 21 Aug 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7359 0
12 B 16ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOgXNVB2ZBSptOsk47E8Z0awLswOszAHIHpKAJLEjhcsPSocSYOOoZBLFLZNpZXAr4sVUH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1A88 154 KB
52 KB 102ms
72ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOMFrAACxFoKwlYEAAE_P1LbKKAuadOGTshKnA&u=%7C7P2VmhRcD7u%2BXII0ZeqGOUMq9MiZ0Oo5Syo9fC2tgzc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoBmqa3RQ6gpd9v31IWGemPmd6pE6xwN6eeTDV3lrOjVmZCqAcnW6my4p1HNJJAvEjubLhGdW5mCmpk6pTLuhPZOoeZ144E0Ud4RC1Mbhiqb-E4zRqew3SQFSA8O9_iDD_w6OGx_9j5lg2daaKuLFyndJ35djN9uVdy9Xr9vS3XKBkkhYs7KY3F_drGF85XJpKVGvtK7M-YRMCzSYeZ07OdJlrYtkvmcQ-mkWW5ooqBeyNz3jBQP0jRlEfHch-JKhJzJrLgv0IisZJq05JtSK2gAk9PVJXnZGYUU3TIfRYoEjt2DcxVOTnngQbYBSRA_BGEcPpkWU7mQ9455Rla_XrybNGCL-LASDt0p-McOPcRJCy2FR1SNmLfa-tLiwqHDgyGkW58wtDH6NYjXiwbHVenerF2WL-QnJ9pyBTCHl7ulXoOb-eLZr0JmlgdBrQOO1-pOZXkFhmtcksXRqvAsNuA0UZ271bIGk_1EfcVsSjOnqw-xx6MoRcOeQiUyhBvascT-tCsvdw7V7nip50fPYnJdRLytoUiFSy_JnsvmZ3L_p-eowZRj-TN9w4qZFobgKdqkv82C3YD6l&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmVRmrAXjZNqIC4SsiQa__oR4yZ7SsVy96ZX3cMCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi00NTc3MjU0NDM1NTk3MTA0yAEJqQI9mh0vtj2yPqgDAcgDAqoEwQFP0HOlADdtIENXK6VV-_LlRCCT82g85R_aFdDg4doorabx04pDw7_aijfBd-C2T35duSrJLa6V5WZBM1HZgsVG4BBUUo_XZS2sPQ4rVr0OjSl6gGqDvsPYoVFE2F6f9-hI5fA9u9rujLKEdMtpwIDYUEZVumxswE8hs1OrcD5ct1GsO6GceidqFTbJxObEGymwTIWXO2-aRIc_rCmYfBUAjrOAWFW8yjZ1VSJiCXLAtZp4tIUdo9hfkB3VdKrZ5fRVgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2klr2meR8nrNCyF-N5FK-F8UrdXw%26client%3Dca-pub-4577254435597104%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69ec2f978883256d03da81a23d3a0ea7c9d8ac11866c3f5064e3b02a94613976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 21 Aug 2023 06:35:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7HJfFWbPp08KUMtY3E-Ir7W2IBrYemCmly5tlFmG8EhEzeiFGnsQ0_7NQ-Elv9Cz9RaelAXnrNkZoxwAuDSnZhXD1LKN-_21vMEje_Apoj0EKITIZoFyheuLtvpShEeRCXpxqUoXxxSBtV8o1zxhHtjl_qtS2q5kDv1duth98mWKccyo1W8gulgJ9vrP2SAJ5Mp4f6o7t7hOOMWf_WtoTsaFd8clFPO8F5Nr4F_iRYueXX-sO0C8DXkD6T_SIibVFtynRQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59777180
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A3DC 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Mon, 21 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7B94 0
0 40ms
39ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3224536047048465&rc=
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame F961 0
139 B 26ms
26ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225335b35b-1535-4787-b3f0-653a5ba28066%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A7360%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fbusinessua.com%252F%2522%257D
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:24 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3240 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 16:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 16:23:46 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 80DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDZL_qwXjZMutKZGpiQb2jKbQCc2q28ZtybrswagM8ryCgcAFEAEgrOT2CGCVqp-CsAegAbC6odcDyAEJqQI9mh0vtj2yPqgDAcgDy4SAgASqBMEBT9AHq2GxsTTM-6rcHukFzZnCpW7oK4f...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225761884825953191154%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%2...

0
0

43ms
42ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225761884825953191154%22,%22debug_reporting%22:true,%22destination%22:%22https://swoodoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227521188437110690017%22}&andc=true

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5761884825953191154","debug_reporting":true,"destination":"https://swoodoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"7521188437110690017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Aug 2023 06:35:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5761884825953191154","debug_reporting":true,"destination":"https://swoodoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-21"],"6":["true"]},"priority":"500","source_event_id":"7521188437110690017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 14C7 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 16:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 16:23:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BF6 0
0 41ms
40ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3603909718987259&rc=
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3DC
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAcZx9zK7caYZaaPm7K8MRM&google_cver=1&google_push=AXcoOmRZacW0Z0RwJF_lT-bqJTA2QrB4nzKpc1QBjXIqKgM7SxcAguCBLG...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRZacW0Z0RwJF_lT-bqJTA2QrB4nzKpc1QBjXIqKgM7SxcAguCBLGw1-pEBAqainHvro8Ec-JjPBJoHWrexXPioiPFxGeZ0vg&google_hm=jpimiHErWp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRZacW0Z0RwJF_lT-bqJTA2QrB4nzKpc1QBjXIqKgM7SxcAguCBLGw1-pEBAqainHvro8Ec-JjPBJoHWrexXPioiPFxGeZ0vg&google_hm=jpimiHErWpyJq7WQUXRhsQ

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRZacW0Z0RwJF_lT-bqJTA2QrB4nzKpc1QBjXIqKgM7SxcAguCBLGw1-pEBAqainHvro8Ec-JjPBJoHWrexXPioiPFxGeZ0vg&google_hm=jpimiHErWpyJq7WQUXRhsQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3DC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDVjTTNnYkcxUXhZdng1&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1&google_push=AXcoOmTzoeKnnYbR5P5TabIMA5C8DWEA7i7tzQ4YsQZfJjg...

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDVjTTNnYkcxUXhZdng1&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1&google_push=AXcoOmTzoeKnnYbR5P5TabIMA5C8DWEA7i7tzQ4YsQZfJjgkjXmpbWebY4QaLtXrh0jLKzR2Wtfx3obyBRDN3W11huGIqIqjgpiSYA

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2023 06:35:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MDVjTTNnYkcxUXhZdng1&google_gid=CAESEDeo3t5evs_-rGoxsaekKT0&google_cver=1&google_push=AXcoOmTzoeKnnYbR5P5TabIMA5C8DWEA7i7tzQ4YsQZfJjgkjXmpbWebY4QaLtXrh0jLKzR2Wtfx3obyBRDN3W11huGIqIqjgpiSYA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A3DC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPn2TgSMS52DYj5rfbbyilQ&google_cver=1&google_push=AXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv0...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPn2TgSMS52DYj5rfbbyilQ&google_cver=1&google_push=AXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8j...

43 B
428 B

179ms
163ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPn2TgSMS52DYj5rfbbyilQ&google_cver=1&google_push=AXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fa0db181d7f9be0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 536
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPn2TgSMS52DYj5rfbbyilQ&google_cver=1&google_push=AXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSEoYcH96Jw2Xa_p0WYbuGXEEn28lySoSoq4OtRsJ8h9-ryVNztfgIbtkyHDLQ6Q5LdWmgcS2JT1O0iF8YyDBpOIU8cZ8jv01M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fa0db16ec599be0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3DC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmTFSSADrP-aU6ggbCP4HpkNi_6Uh5...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmTFSSADrP-aU6ggbCP4HpkNi_6Uh5A7GQX0jAYnQbLYPSHP0GehQ8t2BCC6I4ORTY_GPPTUx-gds4CZ6345u_78q0pyWRKLoYo

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1692599725.592335,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk9NRnF3QUc5enhSOWdCVg==&google_gid=CAESEN2MIYcsuF8iVjBEBjUVUw4&google_cver=1&google_push=AXcoOmTFSSADrP-aU6ggbCP4HpkNi_6Uh5A7GQX0jAYnQbLYPSHP0GehQ8t2BCC6I4ORTY_GPPTUx-gds4CZ6345u_78q0pyWRKLoYo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A3DC 70 B
264 B 35ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOwdYL8gTfxhEvqhtjPQm44&google_cver=1&google_push=AXcoOmTcaLaO8Xm7fC-VVNxkwZIDQyfGVaLBRNHBKDjWnXwAQhbTkHpwMzpwK6TjlMWxTlBPeOmcXM3WhdFb1d0CAsXtm4t4yxQvgBs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3DC
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENaddOD0bByBpsjqCK5p9c8&google_cver=1&google_push=AXcoOmTkAnw3bkWOHwP_R9MXdWKyY7gqLFdtMO6RCCFXSr5PuXUaT-hgoHaaPvXuzjslC86nzBlDTdyqxwu...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTkAnw3bkWOHwP_R9MXdWKyY7gqLFdtMO6RCCFXSr5PuXUaT-hgoHaaPvXuzjslC86nzBlDTdyqxwuwamU6p9hxK41l1HotUWw&google_hm=kN1-wudYSW6KU9tXp...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTkAnw3bkWOHwP_R9MXdWKyY7gqLFdtMO6RCCFXSr5PuXUaT-hgoHaaPvXuzjslC86nzBlDTdyqxwuwamU6p9hxK41l1HotUWw&google_hm=kN1-wudYSW6KU9tXpSH3Uso

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTkAnw3bkWOHwP_R9MXdWKyY7gqLFdtMO6RCCFXSr5PuXUaT-hgoHaaPvXuzjslC86nzBlDTdyqxwuwamU6p9hxK41l1HotUWw&google_hm=kN1-wudYSW6KU9tXpSH3Uso
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3DC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPYt3Yq6DMZK7LITVzJT08c&google_cver=1&google_push=AXcoOmQdkWmdC1Uel0f68GkPK3axr_BszCwwdvhtLd7T3OcChL9bxyzQLoNikLjs8q92Jno_mq1PFLyBO9KE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQdkWmdC1Uel0f68GkPK3axr_BszCwwdvhtLd7T3OcChL9bxyzQLoNikLjs8q92Jno_mq1PFLyBO9KEsi24LbT8h4NG_ygLDVQ

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQdkWmdC1Uel0f68GkPK3axr_BszCwwdvhtLd7T3OcChL9bxyzQLoNikLjs8q92Jno_mq1PFLyBO9KEsi24LbT8h4NG_ygLDVQ

Requested by

Protocol

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQdkWmdC1Uel0f68GkPK3axr_BszCwwdvhtLd7T3OcChL9bxyzQLoNikLjs8q92Jno_mq1PFLyBO9KEsi24LbT8h4NG_ygLDVQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A3DC 0
12 B 19ms
16ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYSVpiiGi7jtOnlp0UOoCfmUj9iBfeIi_m4tFqO4urFnYUmJLfVqQQZeTyh9JIboRz1rpq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 457B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd169d3daa4b4b294ec5203b03b00797a2b950453a23e5856e211b868ef143bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 457B 0
19 B 52ms
52ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CshVirAXjZNqIC4SsiQa__oR4yZ7SsVy96ZX3cMCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi00NTc3MjU0NDM1NTk3MTA0yAEJqQI9mh0vtj2yPqgDAcgDAqoEvgFP0HOlADdtIENXK6VV-_LlRCCT82g85R_aFdDg4doorabx04pDw7_aijfBd-C2T35duSrJLa6V5WZBM1HZgsVG4BBUUo_XZS2sPQ4rVr0OjSl6gGqDvsPYoVFE2F6f9-hI5fA9u9rujLKEdMtpwIDYUEZVumxswE8hs1OrcD5ct1GsO6GceidqFTbJxObEGymwTIWXO2-aRMU9jbsf84kTMS-U-4WBbM58QSjUA1zYNy6wiSPvHMZziJh_8LlmgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ1NzcyNTQ0MzU1OTcxMDQYAA&sigh=pGYhl3aJXSY&uach_m=[UACH]&cid=CAQSPABpAlJWRUtfxgY38-9DUtyr_yNbfdZVmtzNqs6Kn2ldCAMGgotLNqvDzCucwQw00myKBu8wtuR3EkhZXhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 21 Aug 2023 06:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 457B 0
126 B 51ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RPAByAGdg2ICAgAAAPL1VF4ZA_VvEKsF42QUiIdJQjHAccQbAAASAAAKCkFRVUREd0VCRHc&wp=ZOMFrAACxFoKwlYEAAE_P1LbKKAuadOGTshKnA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 183644
server: Kestrel
content-length: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D6E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 16:23:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 16:23:46 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1A88 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOMFrAACxFoKwlYEAAE_P1LbKKAuadOGTshKnA&u=%7C7P2VmhRcD7u%2BXII0ZeqGOUMq9MiZ0Oo5Syo9fC2tgzc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoBmqa3RQ6gpd9v31IWGemPmd6pE6xwN6eeTDV3lrOjVmZCqAcnW6my4p1HNJJAvEjubLhGdW5mCmpk6pTLuhPZOoeZ144E0Ud4RC1Mbhiqb-E4zRqew3SQFSA8O9_iDD_w6OGx_9j5lg2daaKuLFyndJ35djN9uVdy9Xr9vS3XKBkkhYs7KY3F_drGF85XJpKVGvtK7M-YRMCzSYeZ07OdJlrYtkvmcQ-mkWW5ooqBeyNz3jBQP0jRlEfHch-JKhJzJrLgv0IisZJq05JtSK2gAk9PVJXnZGYUU3TIfRYoEjt2DcxVOTnngQbYBSRA_BGEcPpkWU7mQ9455Rla_XrybNGCL-LASDt0p-McOPcRJCy2FR1SNmLfa-tLiwqHDgyGkW58wtDH6NYjXiwbHVenerF2WL-QnJ9pyBTCHl7ulXoOb-eLZr0JmlgdBrQOO1-pOZXkFhmtcksXRqvAsNuA0UZ271bIGk_1EfcVsSjOnqw-xx6MoRcOeQiUyhBvascT-tCsvdw7V7nip50fPYnJdRLytoUiFSy_JnsvmZ3L_p-eowZRj-TN9w4qZFobgKdqkv82C3YD6l&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmVRmrAXjZNqIC4SsiQa__oR4yZ7SsVy96ZX3cMCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi00NTc3MjU0NDM1NTk3MTA0yAEJqQI9mh0vtj2yPqgDAcgDAqoEwQFP0HOlADdtIENXK6VV-_LlRCCT82g85R_aFdDg4doorabx04pDw7_aijfBd-C2T35duSrJLa6V5WZBM1HZgsVG4BBUUo_XZS2sPQ4rVr0OjSl6gGqDvsPYoVFE2F6f9-hI5fA9u9rujLKEdMtpwIDYUEZVumxswE8hs1OrcD5ct1GsO6GceidqFTbJxObEGymwTIWXO2-aRIc_rCmYfBUAjrOAWFW8yjZ1VSJiCXLAtZp4tIUdo9hfkB3VdKrZ5fRVgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2klr2meR8nrNCyF-N5FK-F8UrdXw%26client%3Dca-pub-4577254435597104%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1A88 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1A88 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1A88 293 B
621 B 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1A88 43 B
348 B 47ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QN80cFpK7UNOzZVT8RZfYtdX4rAakxOVjnFawzCK6t6JWpOGN7G3MpP76d0dmfFa7pt4PdOqV9BlKWJLWtp8o1i0UfvvunbhByvJuGV1FZrpU6FRNNF5gsyFBpVIUVg9AEod5A8EVpiTCvgqvmh0ZW1yjiLqxaZmO1k9DXfaFSkDYxPEoA963WAeUsy06X6Y9vsJhnaIX6BaeMqTiH29T1-_-ahcyWb3dA_DvoqPJZlR4z2j9o_7YViA-p4vtxUd-yj90G9IclrdOTmBW4ihsU-ZpfdziSUjoh3LCLw9xj8B-zYVlGOZ7zdwk1mmUJHnUGw-aQRM5OHaTUXcS2QGxlNAzgas1UGwcz-Kf_O_Ms2OKh1uGjbMmQ9H69KQFVM3siirffh2YVwNWgFOkJwTYPAOJoGlYaTjWiQmKfZ1yXaogTpCluCVlrysOXjcjaQGm-E5Ww

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1783066
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1A88 12 KB
5 KB 41ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 996363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URSsMrm47R4OPuqku3tqyydop5OIV3kQOHgRNxIXbspdbO8Q2A1ou0WHYRgrT%2B89zhROa6DHNmxlmQLbvfBTJl7AWxXHWdn8X1%2BXh%2FirK%2FRxFtUkmwWlVIbHQ5NstCWzjvGKgTbAh1OkMAvNPL9FgvXW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fa0db174f831c11-FRA
expires: Sat, 10 Aug 2024 06:35:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1A88 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame 30D5 155 B
646 B 20ms
6ms XHR
application/json 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 68414
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: YuumvAuxyc3tQGBxO52y1xcAR6C0g3Be0Yy04acL7tezOnNo1s_fAQ==

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 1A88 38 KB
38 KB 68ms
40ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 1A88 46 KB
46 KB 44ms
16ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 4 KB
4 KB 78ms
47ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=96&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=476&s=54pWW9RvS1V7t21GUU2QQCJF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81ff48776f63da4d9abdc89f0c4f6f8c9534b21a5f1789940a0f081bfc8ec833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4196
expires: Sat, 03 Aug 2024 07:47:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 53 KB
53 KB 53ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837267%2Fef482cda929e445ca7c6dfa65f35b8df_img_vertical_1.jpg&v=3&w=1200&s=6nLJHbJc_R309u_RVITxFzYH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1b24ba95379d71a5be4bbdefeff8c7d7c4a0a085b60a686d2ec5c0a5cbcbdc74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 54294
expires: Mon, 05 Aug 2024 07:06:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 13 KB
13 KB 74ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18285308-yy2lDGxg.jpg&v=3&w=400&s=KNumzJnk0IKDb9oqJAFmrZUW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bdb08ea5b971c8e6950c3e0e79f1e6776b013ea696af8f591faf4c35e23c890c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13308
expires: Mon, 21 Aug 2023 15:33:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 361 B
552 B 43ms
13ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=u4d8gANmsyX95m5QENytTHgL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 361
expires: Thu, 01 Aug 2024 07:58:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 11 KB
11 KB 73ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1512379250%2F17323999-hHraWE3S.jpg&v=3&w=400&s=V5ztczesUDocUe1CPbUg9VbA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

234cb29532d7874f3ffcc445e78babc24f00ed47c90c36fa70ed9d3df19ce2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11244
expires: Thu, 24 Aug 2023 05:51:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 23 KB
23 KB 65ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1578486934%2F20005803-vPodcofW.jpg&v=3&w=400&s=ufwVLBbCYxS0XAdHLeZgB-dD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7a5ca9f359fe6fe948e9e480feeee623cffb2e414352e14cf00492b7d6908d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 23508
expires: Mon, 21 Aug 2023 17:21:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1A88 311 B
501 B 36ms
35ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=RtrExZbSuLQDRVJn_oA1pGM7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 311
expires: Thu, 01 Aug 2024 08:08:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1A88 0
128 B 42ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=7HJfFWbPp08KUMtY3E-Ir7W2IBrYemCmly5tlFmG8EhEzeiFGnsQ0_7NQ-Elv9Cz9RaelAXnrNkZoxwAuDSnZhXD1LKN-_21vMEje_Apoj0EKITIZoFyheuLtvpShEeRCXpxqUoXxxSBtV8o1zxhHtjl_qtS2q5kDv1duth98mWKccyo1W8gulgJ9vrP2SAJ5Mp4f6o7t7hOOMWf_WtoTsaFd8clFPO8F5Nr4F_iRYueXX-sO0C8DXkD6T_SIibVFtynRQ&sds=2&rev=88037&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Aug 2023 06:35:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1A88 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1A88 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Aug 2024 06:35:24 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 30D5 60 B
338 B 29ms
29ms XHR
application/json 34.241.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f82ce4491c6e55b92505f61dd8ee60657a065241a97842866aebab73a5611bf6

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ads.us.e-planning.net
cache-control: no-cache
x-server: 10.45.19.213
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3240 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eli_Fg
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame D0F9 155 B
646 B 7ms
6ms XHR
application/json 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 68414
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: pQebdd9f0cB08_nq80hsQLU9Ywykr9FpHRoU-EEHsWEF2kohBJet0A==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5D6E 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JeafRw
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame D0F9 60 B
338 B 31ms
31ms XHR
application/json 34.241.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8a320d2d29204b865858f5f35bcaadf3065a62a9976b6813a26be033056ebba8

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ads.us.e-planning.net
cache-control: no-cache
x-server: 10.45.15.144
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4506 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHnVHw6aWTxIERaN1gKU7_F-rnn_xIVrwq8-Nj898sO_oJqH3n_6Uvr6bpPdfwGtt97JXERggret8jPcddZ8K4xicx_l_-LcDXtjMQQeW1OHLKa4e8XyjZqDeEHzzUQbFQz88WkfQcDWNY&sai=AMfl-YThmJt8JkReBcYaz3pHfpQA6Po_q1c14Vg14pxf-U50U2hHW0yF67OgffX_NmgZsFW0YjaB9N2QrdaM&sig=Cg0ArKJSzEQCcF-7HYouEAE&cid=CAQSGwBpAlJW26L96a768Fq9cHkFi7uVi9Q4HK4AdxgB&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4068248796&rs=2&la=0&cr=0&vs=4&r=v&rst=1692599722720&rpt=1526&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98D0 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=3224536047048465&bg=!mJulm8_NAAZGPLJIZjw7ADkAdvg8WuY4I6HCaQOhsJwJsExLweCISvC6ASEzYtiSr-q4zrY8i5Cb68y-C4Jvwst3UpS6E1bxOcwCAAABB1IAAAAQaAEHmQLZt9j6mhCp_fTLPoGTTK6x3cO8BOgFCaY7Qk6L7CCsf67QiJKsampkVimJFF3ThLvNNQn5_0ZV_5c8nNrwSNXdaCySFt1G_i1DVXXaeufm7pbxnaFvcchi_HVqOw90_2gr8k-2QCctWJWRCWjvdgPLrSDJuB84pcP9iBodVqhrIhdv3veM9zBY0-0GOifqnvudinTKWUmWV1iEUvKYdvsHKLesrrnD_pS4MxTKQqghvMEEjB85sDF4-Oz_qQS31u1ef7zU_dajNvJtXw5I5UNtjRggBWkPy5XMvond9MJ8FKYXrBjPPewxsBOt70mm1G1JEntk4LOjhuf2FHRGUI5bsgMny1RggH1L4REqyDmWG_nhBfptngfXX4tlEhOZP_DX0a9pP6BHlc1S1CTvzRguToZ4gQJqN-_PjxaLFVdhUQ-Up4NjcpJs-7Ez8qiojwQbdrrtwhqIKslgyfAdLAAfK9UfO0U1ch4kSfnmG0YFKwVHUmMluhY8vNRC-sVK_howzXD6UwqmjraX_3MVUcU9ZanovDqvISa_PCSwxxlk8dn1CsIeEuJpC-XlMa-09xCvczCj4iGOnaC9AV_eOnkOLFYr7hPwPigoUoUrrvA9niQhYPKu8nv6_ppXr0R0K5SOHPH7NzVGHF9BD1BSnJmxYgIfnCkghO5oC_V1QXXVM6cysCNs3rsC2y60CiwyATHL6s9lYzn3-4hvVPmKj_cXppYqWDx1A30yNTypERXFgxMqHqtjtHAwZe3jBY7cU-2bLeJHckm6Mrb8RZvy8sFiSoSK61IvqKP_Q7RC8SHCQjPXVv8wCS2WR_IlJKGu37Uu7XNUKEJsf47mGhWNK4xSyXWp5laRqnJXKMznP1XGL2nkJXJaZOLalrBJGa0RrgKVR_DeBPm6zltt3-DedXIbzEsDwP2hFCePPNV2XHkKBeG2Yh07rZiFbGvfwSQHrzW3ORppaji7KsXM
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F79 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=3603909718987259&bg=!vb6lvurNAAZGPLJIZjw7ADkAdvg8WoA9GfOuZZ4WUHJ8Pa-G0MtGKQF8ULn-5Rn5UOrTuzDmqXOk8fpte23FNhAig7WtoiMoiuYCAAAAjFIAAAAIaAEHmQLe9wvA94HrxCDTEqMXxn3AyrCf_1eM1rVszTjJ5forgclJRIViTr-Rbd6Ft4Gcd3IxCT1FYqTcHEWgTNoFWyuRpFnewArwreswYh6p-EiuqwfCd3o69Q74MJrlGKKU_kJGYd6kwlcWlscsTgKILemil5Ew9JfkSfvqFPFaTJ1XNsRzobbTh77_5IS2PVcDeOcHO2M4vVnw8o9AXg-nczvwqVRMjrenMUBFhvXwf1C00RmG9mjPTlpJhsTWe64XBKaZd44-JMzwvGEEKKdCmzkHXVs-qVUrwsHL3K-GG5TB4Zmrk6HRIXoRR2T2BJJXUoz0m-oNngqMlYDQtisJoubfGtLyWyuFqKdtVzhP8S3rtHlC-hdsB2-vejopuNUEJemVmLcB0KXWi0sTUk_fYfipdNAThZglCAwgjs3QC4eVgDC4_lb5YBu7FQwRZ6bdMJ8FReSbRvR0o_T-1fCfukNDKxdde1bvPJaqPWcLCD5FBSAWoX1OBPWinT6xUt2dyoK7mIcx364cY47HgwyUwhqNvxCqtYbFIu5oI2rxFZiKtLg8BjRrcCiSP1SsOquJ7UDLngNKNP2VkRXymktQIcDSq9s7l7I8aBfao9tZ-KuD1810ZCQpOiKh7ESnMd7CA5Jgcmn9GY9HE6RB182khqZ_YXLu2x6DpDNZk-fOFgbxcZ1uFcaFaX1ehj1XNmg8UcKQAcc1SQJbQBp3a978V10tlFaPbpWb8PNmsbvPzBY1d1acAa0frw7cfQlgFoVp7C0JH3k9OMWFUBZ1-pMOxRKuBcYNKt4sXbjWw7bg6ZlxKKbrGPtjcs9Z2P0llS__iTdazQHm0N6rZ5mudf_3Uc3ueGhZ6JUYDi9zc8I73tJM_tFqYsBUin_ALwTq3gTrrvlaNO7HcWj8YObW5plnXCWUAefeQt5VZav9UOXLCkKvRa6J9QxJleCEjl8n7ztTnlTZV3dixmEWJZn65xzgEW0
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://businessua.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 80DF 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmDDDWumNX75sU6M7Uczlh3V9-b-AhnQXgdON9lozGR7KSpYxKn-dQe59rcdcHPM-jCc9hReoxIUX-NH32i56AZK-RPCoc8OeQFkCZFG_rJCVWUuCXrI7vdJw9Plhoux2FXhatfDQZApbj&sai=AMfl-YQUKlKU4h7HdxFkcNB_5DkQeUnYTN_IPtbA14ECpRx_7Q7-A1bdC_2t4y5YMKaAJw-b6TWes_IHzNH5oM7Kz6YsOQfsnqDqOhibyD38MKJHXuFpiw-PlHpB0Ckd&sig=Cg0ArKJSzKIGU5lOhz6pEAE&cid=CAQSPABpAlJW5gSAEtMPOQLKDUWyI7YwMgs1V7jMja5FhyCS0L9CT-aEoUejGEpAUNcnPkDD_YphVjfhLX4QBRgB&id=lidar2&mcvt=1002&p=0,0,400,240&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1515617927&rs=2&la=0&cr=0&vs=4&r=v&rst=1692599723629&rpt=928&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 63E3 0
128 B 32ms
23ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1798 3 KB
4 KB 29ms
28ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8981&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 826c62801d962426490f6889f5783c5a8763feb102114e4d7f34b36532e56969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3942 3 KB
4 KB 27ms
27ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65761420&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 826c62801d962426490f6889f5783c5a8763feb102114e4d7f34b36532e56969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 43F6 35 B
598 B 31ms
31ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F5DF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=

42 B
379 B

31ms
31ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Aug 2023 06:35:26 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4A22
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=

42 B
237 B

27ms
27ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Mon, 21 Aug 2023 06:35:26 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame 6828 85 B
336 B 145ms
145ms Document
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1692599726.195720,VS0,VE92

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B704
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

28ms
28ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 21 Aug 2023 06:35:26 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C85A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKX0JrN0p4Z3NBQUNidDZDUnQ0Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAJ_Bk7JxgsAACbt6CRt4g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2520278254207601443&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAJ_Bk7JxgsAACbt6CRt4g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2520278254207601443%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2520278254207601443&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJ_Bk7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=

42 B
199 B

24ms
24ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:26 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C8BA
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D

42 B
113 B

23ms
22ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 168
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma: no-cache
server: Tengine

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C820
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420682872783

42 B
195 B

23ms
23ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420682872783
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:26 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455420682872783
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 71FB 43 B
283 B 142ms
63ms Document
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8073
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529

42 B
274 B

23ms
23ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 1754 43 B
277 B 151ms
34ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-3743d85e2f05@version_1.566
X-core-time: 1ms
X-server-arch: v2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame B831 43 B
213 B 32ms
25ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 67EE
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1kk9l9iui7ho

42 B
229 B

23ms
23ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1kk9l9iui7ho
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 21 Aug 2023 06:35:26 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1kk9l9iui7ho
lws: 35
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EB63
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=

42 B
321 B

29ms
28ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame ACEE
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=06b28f416e2017d3de0e7837c3cf27a1&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=

42 B
202 B

44ms
44ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=

GET
H2 200 i.match Show response
a.tribalfusion.com/ Frame DF5F 43 B
482 B 186ms
186ms Document
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7fa0db20cf289be0-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 8F53 0
0 55ms
16ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 21 Aug 2023 06:35:26 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FC2D
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=

1 B
72 B

28ms
28ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Sun, 20 Aug 2023 06:35:26 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame CED8
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2569610039

70 B
264 B

44ms
44ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2569610039
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Mon, 21 Aug 2023 06:35:26 GMT
etag: RX7bd7c50446544feb816c0f6fb7e4c26c003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2569610039
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame F2C6 42 B
103 B 24ms
24ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1798 95 B
195 B 45ms
44ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=51028780-68B3-433A-8622-5829C1EB2D3F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7fa0db20cd4b4da6-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 1798
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

62ms
61ms

Image
image/gif

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:37 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:37 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

52799
stags.bluekai.com/site/ Frame 1798
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=b3bb7e7ca868dd10dff5b224e838ecce&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=5ef26caedfc5fa2d

62 B
218 B

236ms
228ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=5ef26caedfc5fa2d
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 21 Aug 2023 06:35:26 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=5ef26caedfc5fa2d
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 3942 95 B
154 B 52ms
52ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=51028780-68B3-433A-8622-5829C1EB2D3F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7fa0db20dd544da6-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 3942
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

42ms
42ms

Image
image/gif

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: businessua.com
URL: http://businessua.com/
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:37 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:37 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=51028780-68B3-433A-8622-5829C1EB2D3F&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

/
spl.zeotap.com/ Frame 3942
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=06b28f416e2017d3de0e7837c3cf27a1&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=39d1cbc10696232e

95 B
509 B

64ms
64ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spl.zeotap.com/?zdid=1332&zcluid=39d1cbc10696232e

Requested by

Host: businessua.com
URL: http://businessua.com/

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7fa0db223e964da6-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=39d1cbc10696232e
content-length: 0

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 5E04 35 B
589 B 31ms
30ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 328C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=

42 B
97 B

28ms
28ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Aug 2023 06:35:26 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=fkTj_r-NV79KPFY_p6kfDVD_Cso&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AAC5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=

42 B
298 B

28ms
28ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Mon, 21 Aug 2023 06:35:27 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7269660455508244640&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame FD86 85 B
145 B 124ms
124ms Document
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1692599726.217823,VS0,VE88

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5786
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

28ms
28ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 21 Aug 2023 06:35:26 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 9DDC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCcFkwN0p4Z3NBQUNPb19ET3BhQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAJ_Bk7JxgsAACbt6CRt4g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5505691669261945789&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAJ_Bk7JxgsAACbt6CRt4g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5505691669261945789%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5505691669261945789&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJ_Bk7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=

42 B
97 B

23ms
23ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:26 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJ_Bk7JxgsAACbt6CRt4g&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8654
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D

42 B
95 B

24ms
24ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 168
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUea18b0794a87435e91bebfc7120e3af6&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma: no-cache
server: Tengine

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8665
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926780026029

42 B
195 B

24ms
23ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926780026029
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Mon, 21 Aug 2023 06:35:26 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926780026029
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 5326 43 B
282 B 121ms
64ms Document
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FD81
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529

42 B
97 B

27ms
26ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7928385675885331529
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 8805 43 B
279 B 228ms
35ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Vary: Accept-Encoding
X-adserver-worker: ragnarok-045227c5519d@version_1.566
X-core-time: 1ms
X-server-arch: v2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame F1AF 43 B
202 B 26ms
25ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EDED
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=18ernjholz5n

42 B
230 B

23ms
22ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=18ernjholz5n
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 21 Aug 2023 06:35:26 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=18ernjholz5n
lws: 90
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7125
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=

42 B
320 B

29ms
28ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 06:35:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 39D0
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=

42 B
281 B

25ms
24ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYRQbjhjbaURUXYXn&gdpr=0&gdpr_consent=

GET
H2 200 i.match Show response
a.tribalfusion.com/ Frame A9EB 43 B
463 B 186ms
185ms Document
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7fa0db20ef489be0-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 2B8C 0
0 49ms
17ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 21 Aug 2023 06:35:26 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C970
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=

1 B
53 B

30ms
29ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 21 Aug 2023 06:35:26 GMT
expires: Sun, 20 Aug 2023 06:35:26 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E606751A62D74F07866CB2D8816D4969&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame D79D
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8588169826

70 B
264 B

45ms
44ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8588169826
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Mon, 21 Aug 2023 06:35:26 GMT
etag: RX7bd7c50446544feb816c0f6fb7e4c26c003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8588169826
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 0F99 42 B
103 B 23ms
23ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 14C9 47 B
226 B 29ms
28ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5305821&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 21 Aug 2023 06:35:25 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 828A 43 B
473 B 96ms
95ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:25 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 902F 43 B
473 B 95ms
95ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame EFA3 42 B
103 B 33ms
32ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 5BEE 42 B
103 B 31ms
31ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=437f72dac62c6c49&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 59A3 42 B
103 B 23ms
23ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame E9FC 43 B
473 B 96ms
95ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 6B35 43 B
473 B 97ms
96ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame DC68 43 B
473 B 98ms
97ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 47AA 42 B
103 B 28ms
27ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame FB2C 42 B
103 B 27ms
26ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:26 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 9770 43 B
473 B 96ms
96ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 7FB9 35 B
250 B 44ms
43ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame F1D4 35 B
250 B 44ms
43ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 83C8 43 B
473 B 96ms
96ms Document
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:26 GMT
Etag: 3d39e6df8b7964a9
Server: Adtelligent

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 4A67 42 B
103 B 28ms
27ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=9affd90f022e513e&uid=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D9affd90f022e513e%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Mon, 21 Aug 2023 06:35:27 GMT
server: openresty

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame BE40 35 B
250 B 294ms
294ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame B71E 35 B
250 B 43ms
42ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame C918 35 B
250 B 41ms
40ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 2D6D 35 B
250 B 42ms
42ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 3630 35 B
250 B 42ms
42ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 19A2 35 B
250 B 41ms
40ms Document
image/gif 34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=51028780-68B3-433A-8622-5829C1EB2D3F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 21 Aug 2023 06:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame F875 155 B
646 B 16ms
16ms XHR
application/json 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Aug 2023 11:35:11 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 68417
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Wed, 31 May 2023 20:08:40 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: kxTPotfw8lSr3FVtdob1OPINzb-u8OCdpQUoO7s_t0NNu4yCTNyo5w==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame F875 60 B
337 B 40ms
39ms XHR
application/json 34.241.158.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d80ede991d0b4be8bad371ea59b491cf5452cb6c3132b1358a6efca96fa6d2ae

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 06:35:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ads.us.e-planning.net
cache-control: no-cache
x-server: 10.45.9.52
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1798 0
128 B 22ms
22ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3942 0
128 B 19ms
18ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D437f72dac62c6c49%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 06:35:28 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: banner.kiev.ua
URL: http://banner.kiev.ua/j/banner.js?4869649

Verdicts & Comments Add Verdict or Comment

299 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

170 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/gadx	1970-01-20 16:19:35	Name: am-uid Value: ef9f601d57fe4b11b5c5faa3947ff8e9
.admixer.net/bs	1970-01-20 16:19:35	Name: am-uid Value: ef9f601d57fe4b11b5c5faa3947ff8e9
.businessua.com/	1970-01-20 22:55:35	Name: ngTrackID Value: 7579741f8d478ce628f83430dc3da596
.businessua.com/	1970-01-20 14:11:26	Name: PHPSESSID Value: 621nrpao8m9ahoh5qp7jouv161
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5x0CVuu5IR8
.youtube.com/	1970-01-20 18:29:11	Name: VISITOR_INFO1_LIVE Value: boiwYNvnPK4
businessua.com/	1969-12-31 23:59:59	Name: Value: store.test
.businessua.com/	1970-01-20 22:55:35	Name: am-uid-f Value: ef9f601d-57fe-4b11-b5c5-faa3947ff8e9
.servetraff.com/	1970-01-20 23:45:59	Name: UUID Value: 5b4e4cc8-d332-53b3-9a6d-b10b6bf0bc59
.businessua.com/	1970-01-20 23:45:59	Name: _ga_EPPMMRPT1D Value: GS1.1.1692599722.1.0.1692599722.0.0.0
.businessua.com/	1970-01-20 23:45:59	Name: _ga Value: GA1.2.940178178.1692599723
.businessua.com/	1970-01-20 14:11:26	Name: _gid Value: GA1.2.1429829842.1692599723
.businessua.com/	1970-01-20 14:09:59	Name: _gat_gtag_UA_29115103_1 Value: 1
.businessua.com/	1970-01-20 23:31:35	Name: __gads Value: ID=df84a35b61bb9a06-22cd698a57de0030:T=1692599722:RT=1692599722:S=ALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA
.businessua.com/	1970-01-20 23:31:35	Name: __gpi Value: UID=00000c64b2d95cfa:T=1692599722:RT=1692599722:S=ALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w
.admixer.net/	1970-01-20 16:19:35	Name: am-uid Value: ef9f601d57fe4b11b5c5faa3947ff8e9
.ads.go2net.com.ua/	1970-01-20 16:19:35	Name: am-uid Value: ef9f601d57fe4b11b5c5faa3947ff8e9
.creativecdn.com/	1970-01-20 22:55:35	Name: u Value: H4MfcghlkXk0IM63mu8U
.creativecdn.com/	1970-01-20 22:55:35	Name: ts Value: 1692599722
.yadro.ru/	1970-01-20 22:55:01	Name: FTID Value: 1aumMg1Cgfed1aumMg0014-V
.rmp.rakuten.com/	1970-01-20 14:53:11	Name: Rp Value: 505576e4d3c6a80e38336b0edc164e305aa60369153a1a71
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.pubmatic.com/	1970-01-20 22:55:35	Name: KADUSERCOOKIE Value: 51028780-68B3-433A-8622-5829C1EB2D3F
.adnxs.com/	1970-01-20 16:19:35	Name: uuid2 Value: 5538126985213991769
.e-planning.net/	1970-01-20 23:45:59	Name: E Value: AMm72uiC9zMlQYVr
.doubleclick.net/	1970-01-20 23:31:35	Name: IDE Value: AHWqTUmmmxc-Ioiks9PpX-ocpipH5SJkqas_9sfRIW4Ym31bsNYqw4kX3GdFJLVDYwY
.yadro.ru/	1970-01-20 22:55:01	Name: VID Value: 02TRXw3caP8d1aumMg0014_5
.demdex.net/	1970-01-20 18:29:11	Name: demdex Value: 73443300314894343833732874422972847834
.openx.net/	1970-01-20 22:55:35	Name: i Value: cde9aa58-6e2c-4552-9b03-4563143a86d7%7C1692599723
.trafmag.com/	1970-01-20 23:45:59	Name: vid Value: 6025682962230489
.casalemedia.com/	1970-01-20 22:55:35	Name: CMID Value: ZOMFqxm6LbaPmu.dTkmN8gAA
.casalemedia.com/	1970-01-20 16:19:35	Name: CMPS Value: 3346
.casalemedia.com/	1970-01-20 16:19:35	Name: CMPRO Value: 3346
.bidswitch.net/	1970-01-20 22:55:35	Name: c Value: 1692599723
.bidswitch.net/	1970-01-20 22:55:35	Name: tuuid_lu Value: 1692599723
.zeotap.com/	1970-01-20 22:55:35	Name: zc Value: eb1bb156-f82b-4801-4687-46190b511460
.bidswitch.net/	1970-01-20 22:55:35	Name: tuuid Value: 6c15dfb3-7490-4df2-b13b-22e827833ed4
.adx.opera.com/	1970-01-20 22:55:35	Name: UID Value: OPUea18b0794a87435e91bebfc7120e3af6
.betweendigital.com/	1970-01-20 22:55:35	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 22:55:35	Name: tuuid Value: 4bc6eae5-2ae8-52e9-97d2-0e87f3310b2c
.betweendigital.com/	1970-01-20 22:55:35	Name: ss Value: 1
a4p.adpartner.pro/	1970-01-20 15:36:23	Name: apuid Value: 5335b35b-1535-4787-b3f0-653a5ba28066
.dpm.demdex.net/	1970-01-20 18:29:11	Name: dpm Value: 73443300314894343833732874422972847834
.doubleclick.net/	1970-01-20 14:10:00	Name: test_cookie Value: CheckForPermission
.exchange.buzzoola.com/	1970-01-20 14:53:11	Name: uuid Value: e0392d27-997a-41b6-7c3e-6d4fe4074579
pa.tns-ua.com/	1970-01-20 23:45:59	Name: uid Value: ZA34D5DA4BFE4E979CA1DEB100B21A27
.tapad.com/	1970-01-20 15:36:23	Name: TapAd_TS Value: 1692599723198
.tapad.com/	1970-01-20 15:36:23	Name: TapAd_DID Value: 9a25b7e4-eac2-422c-978c-e6b52eed63c2
.taptapnetworks.com/	1970-01-20 22:55:35	Name: SONATA_ID Value: csonata_eebf722a-854f-4970-89f2-d29f24b9d05a
.adfarm1.adition.com/	1970-01-20 16:19:35	Name: UserID1 Value: 7269660455508244640
.gumgum.com/	1970-01-20 22:55:35	Name: vst Value: e_3379f05f-de37-410b-9fb7-e5188f31f259
.weborama.fr/	1970-01-20 23:35:54	Name: AFFICHE_W Value: EpVkzCo-JpIS32
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86214\|ZOMFr
cookies.nextmillmedia.com/	1970-01-20 14:20:04	Name: NMUID Value: csuid_23958d71-c7d2-4c28-9d2b-402231eeb00a
.adtelligent.com/	1970-01-20 15:39:16	Name: vmuid Value: 3d39e6df8b7964a9
.adtelligent.com/	1970-01-20 15:39:16	Name: a733849 Value: 5538126985213991769
.disqus.com/	1970-01-20 22:55:35	Name: zeta-ssp-user-id Value: ua-70405be2-4072-3d1e-b52f-980dc25e171a
.adtelligent.com/	1970-01-20 15:39:16	Name: a584890 Value: 5538126985213991769
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_80 Value: 22987-CAESEJkNMS8zA2ng-Lj7r2-LFts&KRTB&23025-CAESEJkNMS8zA2ng-Lj7r2-LFts&KRTB&23386-CAESEJkNMS8zA2ng-Lj7r2-LFts
.yahoo.com/	1970-01-20 22:55:57	Name: A3 Value: d=AQABBKsF42QCEJoca3k4lqwTSOt5KPbpPZcFEv__AP8AAAAAAOAYyiMAAAAAgA&S=AQAAAiCoaW1ar4GDkthhDuwdNe0
.adtelligent.com/	1970-01-20 15:39:16	Name: a309255 Value: 279b1ace-7e34-494c-aa59-4d9ef14677a7
.agkn.com/	1970-01-20 22:55:35	Name: ab Value: 0001%3A5eO5wZb76c%2FYC5ZQ8ybGMMYE8sNfsCLc
.tapad.com/	1970-01-20 15:36:23	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 18:29:11	Name: _kuid_ Value: Pv3YDHj5
.betweendigital.com/	1970-01-20 22:55:35	Name: ut Value: ZOMFqwAG_RDNpbiiRWm3VBE2AM3KTM0jaevA-Q==
.adtelligent.com/	1970-01-20 15:39:16	Name: a307971 Value: AMm72uiC9zMlQYVr
.richaudience.com/	1970-01-20 16:19:35	Name: avcid-zeo-uid Value: eb1bb156-f82b-4801-4687-46190b511460
.onaudience.com/	1970-01-20 22:55:35	Name: cookie Value: 39d1cbc10696232e
.onaudience.com/	1970-01-20 14:11:26	Name: done_redirects104 Value: 1
.lemmatechnologies.com/	1970-01-20 16:19:35	Name: uid Value: e8234bbe-3fec-11ee-a4de-801844df0ab8
.adtelligent.com/	1970-01-20 15:39:16	Name: a307558 Value: 5335b35b-1535-4787-b3f0-653a5ba28066
.w55c.net/	1970-01-20 23:41:40	Name: wfivefivec Value: 05cM3gbG1QxYvx5
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 7aca625beb9d387a
.adtelligent.com/	1970-01-20 15:39:16	Name: p440467 Value: ef9f601d57fe4b11b5c5faa3947ff8e9
.adform.net/	1970-01-20 14:54:38	Name: C Value: 1
.w55c.net/	1970-01-20 14:53:11	Name: matchcasale Value: 5
.quantserve.com/	1970-01-20 23:40:14	Name: mc Value: 64e305ab-9fdcc-4e417-d2342
.mgid.com/	1970-01-20 14:10:01	Name: __cf_bm Value: edeyZ7_kEugXVEIX.Bi6vmR9aRWGg3LoCi7xah.IZ2Q-1692599723-0-AW2TWPr0wPAsCWs3CHDtTbLUZeXWbC81bVfyAfYNsXczuf2fxKmnsdfWl/N/c8luS9dz9DQzuI4v5BW96rkFSZ4=
.simpli.fi/	1970-01-20 22:57:02	Name: suid Value: E606751A62D74F07866CB2D8816D4969
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_153 Value: 1923-xDnTHcI410zfNNBKkW6bGpc5hxnfaYQdxj_Z3--L&KRTB&19420-xDnTHcI410zfNNBKkW6bGpc5hxnfaYQdxj_Z3--L&KRTB&22979-xDnTHcI410zfNNBKkW6bGpc5hxnfaYQdxj_Z3--L&KRTB&23403-xDnTHcI410zfNNBKkW6bGpc5hxnfaYQdxj_Z3--L
.everesttech.net/	1970-01-20 22:55:35	Name: everest_g_v2 Value: g_surferid~ZOMFqwAG9zxR9gBV
.adtelligent.com/	1970-01-20 15:39:16	Name: a558003 Value: 51028780-68B3-433A-8622-5829C1EB2D3F
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_57 Value: 22776-5538126985213991769&KRTB&23339-5538126985213991769
.turn.com/	1970-01-20 18:29:11	Name: uid Value: 7256981412382245317
.amazon-adsystem.com/	1970-01-20 23:45:59	Name: ad-privacy Value: 0
.nrich.ai/	1970-01-20 23:45:59	Name: _nauid Value: 0047e83e-3817-4af4-a770-e959e1b3071f
.brand-display.com/	1970-01-20 23:45:59	Name: _knxq_ Value: 5ef1dea9-3d79-cd45-09fe7556.1692599723.1.1692599723.1692599723
.pubmatic.com/	1970-01-20 14:53:11	Name: KRTBCOOKIE_22 Value: 14911-7256981412382245317&KRTB&23150-7256981412382245317
.console.adtarget.com.tr/	1970-01-20 15:39:16	Name: vmuid Value: 183b807fcc154014
.console.adtarget.com.tr/	1970-01-20 15:39:16	Name: a307080 Value: H4MfcghlkXk0IM63mu8U
.amazon-adsystem.com/	1970-01-20 19:32:33	Name: ad-id Value: AxVr1q5eAUhzpgfjXYx3wBQ
.adform.net/	1970-01-20 15:36:23	Name: uid Value: 35027868504681717
sync.srv.stackadapt.com/	1970-01-20 22:55:35	Name: sa-user-id Value: s%3A0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d.%2BEHm82pOEt1KApAv45fgxvTxR3kn93r%2FzlSwqj4VOGc
.srv.stackadapt.com/	1970-01-20 22:55:35	Name: sa-user-id Value: s%3A0-7e44e3fe-bf8d-57bf-4a3c-563fa7a91f0d.%2BEHm82pOEt1KApAv45fgxvTxR3kn93r%2FzlSwqj4VOGc
sync.srv.stackadapt.com/	1970-01-20 22:55:35	Name: sa-user-id-v2 Value: s%3AfkTj_r-NV79KPFY_p6kfDVD_Cso.gEAOZx5u78KJBrsoCIEIkmPXGvDXknwM0UbNQ3lxLZs
.srv.stackadapt.com/	1970-01-20 22:55:35	Name: sa-user-id-v2 Value: s%3AfkTj_r-NV79KPFY_p6kfDVD_Cso.gEAOZx5u78KJBrsoCIEIkmPXGvDXknwM0UbNQ3lxLZs
.outbrain.com/	1970-01-20 16:19:35	Name: obuid Value: a4629f2d-8a35-4131-a413-85a8d9ade706
sync.srv.stackadapt.com/	1970-01-20 22:55:35	Name: sa-user-id-v3 Value: s%3AAQAKIMqQB95RfpG1kZ2KkD3bqwaU7ajoYDx2bTGu6ZIdRXrkEHwYBCCri4ynBjABOgTa3nmDQgR7D3z2.EvbFjVnR%2FygBv2AJdGASdQ81wSu8jC7AorUyxXhiLYU
.srv.stackadapt.com/	1970-01-20 22:55:35	Name: sa-user-id-v3 Value: s%3AAQAKIMqQB95RfpG1kZ2KkD3bqwaU7ajoYDx2bTGu6ZIdRXrkEHwYBCCri4ynBjABOgTa3nmDQgR7D3z2.EvbFjVnR%2FygBv2AJdGASdQ81wSu8jC7AorUyxXhiLYU
.fwmrm.net/	1970-01-20 18:29:11	Name: _uid Value: "e35bf_7269660455504586239"
.audrte.com/	1970-01-20 14:31:35	Name: arcki2 Value: 57m0e5qttw5TWShK-jpxjwyeA!20220908!1692599723957!ip#80.255.10.202
.audrte.com/	1970-01-20 14:31:35	Name: arcki2_pubmatic Value: 51028780-68B3-433A-8622-5829C1EB2D3F!20220908!1692599723960
.ipredictive.com/	1970-01-20 22:55:35	Name: cu Value: 99d11e34-5da6-4195-8303-79f3d32605dd\|1692599723852
.pubmatic.com/	1970-01-20 14:53:11	Name: KRTBCOOKIE_391 Value: 22924-35027868504681717&KRTB&23263-35027868504681717&KRTB&23481-35027868504681717
businessua.com/	1970-01-20 14:10:01	Name: session_id Value: 4b2d6f48-b4c5-4d8b-a93b-2f803cb0eb5b
businessua.com/	1970-01-20 14:10:01	Name: session_pageview Value: 1692599724.1
businessua.com/	1970-01-20 14:53:11	Name: site_visited Value: 1692686124.1
.adtelligent.com/	1970-01-20 15:39:16	Name: a318342 Value: 183b807fcc154014
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_466 Value: 16530-6c15dfb3-7490-4df2-b13b-22e827833ed4
.targeting.unrulymedia.com/	1970-01-20 22:55:35	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003%22%7D
a4p.adpartner.pro/	1970-01-20 23:45:59	Name: apudmg Value: 1
.audrte.com/	1970-01-20 14:31:35	Name: arcki2_ddp2 Value: 57m0e5qttw5TWShK-jpxjwyeA!20220908!1692599724209
.creative-serving.com/	1970-01-20 23:31:35	Name: tuuid Value: 0fe568ef-1c0c-4c34-9894-0966d77919fa
.creative-serving.com/	1970-01-20 23:31:35	Name: c Value: 1692599724
.creative-serving.com/	1970-01-20 23:31:35	Name: tuuid_lu Value: 1692599724
.adtelligent.com/	1970-01-20 15:39:16	Name: a541630 Value: RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003
.mxptint.net/	1970-01-20 23:45:59	Name: mxpim Value: R33646_107BE7E14_11B34E646.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064E305AC
.googleadservices.com/	1970-01-20 16:19:35	Name: ar_debug Value: 1
.audrte.com/	1970-01-20 14:31:35	Name: arcki2_adform Value: 35027868504681717!20220908!1692599724375
.bluekai.com/	1970-01-20 18:34:57	Name: bku Value: k9L99vyaTtEL8z6D
.bluekai.com/	1970-01-20 18:34:57	Name: bkpa Value: KJy9cxeid02pSUHknp/8BMxdSVx21ePMEEB7RAzhDUCj57QN9yYexyA9
.blismedia.com/	1970-01-20 22:55:39	Name: b Value: 64E305AC5782DE6160CB627FBLIS
.ctnsnet.com/	1970-01-20 22:55:35	Name: gid_CAESENaddOD0bByBpsjqCK5p9c8 Value: 1
.w55c.net/	1970-01-20 14:53:11	Name: matchbluekai Value: 3
.quantserve.com/	1970-01-20 16:19:35	Name: d Value: EGgBFQHhKYEO-TD9r7EA
.w55c.net/	1970-01-20 14:53:11	Name: matchgoogle Value: 5
.ctnsnet.com/	1970-01-20 22:55:35	Name: cid Value: 90dd7ec2e758496e8a53db57a521f752
.de17a.com/	1970-01-20 22:48:23	Name: guid Value: 1.7928385675885331529
.admixer.co.kr/	1970-01-20 23:45:59	Name: __auid Value: 2dae66ea8f26e1ba644c4d27f614cce9
.admixer.co.kr/	1970-01-20 23:45:59	Name: __puid_103 Value: ef9f601d57fe4b11b5c5faa3947ff8e9
.admixer.co.kr/	1970-01-20 23:45:59	Name: __id_utm Value: 20230821
.admixer.co.kr/	1970-01-20 23:45:59	Name: __id_inf_103 Value: 0_ef9f601d57fe4b11b5c5faa3947ff8e9
.adsby.bidtheatre.com/	1970-01-20 14:20:04	Name: __kuid Value: bfc44793-c7fd-48de-afcf-538ceda8f802.461813725
ads.playground.xyz/	1970-01-20 14:19:55	Name: connect.sid Value: s%3AfPrRvJEKBvZRGzBYI-Ayziv8_sMIkOV1.LIdcEYHTQm5X6B7%2FMXjb1lhDwglSfvbDdHXO9LeFanM
.pubmatic.com/	1970-01-20 16:19:35	Name: DPSync3 Value: 1693785600%3A227_226_219_197_201_245_241_235
.pubmatic.com/	1970-01-20 16:19:35	Name: SyncRTB3 Value: 1693180800%3A223_15_2%7C1695168000%3A203%7C1693440000%3A63%7C1697760000%3A69%7C1693872000%3A35%7C1693785600%3A22_99_56_204_264_46_88_176_249_220_71_3_54_13_233_234_161_55_21_8_214_254_166_238_243_251_81_165
.1rx.io/	1970-01-20 22:55:35	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7bd7c504-4654-4feb-816c-0f6fb7e4c26c-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.pubmatic.com/	1970-01-20 14:53:11	Name: KRTBCOOKIE_1101 Value: 23040-7269660455508244640&KRTB&23369-7269660455508244640
.pubmatic.com/	1970-01-20 14:53:11	Name: KRTBCOOKIE_336 Value: 5844-7928385675885331529
.onaudience.com/	1970-01-20 14:11:26	Name: done_redirects161 Value: 1
.bidr.io/	1970-01-20 23:38:33	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_860 Value: 16335-fkTj_r-NV79KPFY_p6kfDVD_Cso&KRTB&23334-fkTj_r-NV79KPFY_p6kfDVD_Cso&KRTB&23417-fkTj_r-NV79KPFY_p6kfDVD_Cso&KRTB&23426-fkTj_r-NV79KPFY_p6kfDVD_Cso
.pubmatic.com/	1970-01-20 16:19:35	Name: chkChromeAb67Sec Value: 14
.ads.pubmatic.com/	1970-01-20 14:11:26	Name: pubsyncexp Value: 1692621326367
.bidr.io/	1970-01-20 23:38:33	Name: bito Value: AAJ_Bk7JxgsAACbt6CRt4g
.exelator.com/	1970-01-20 17:02:47	Name: EE Value: "06b28f416e2017d3de0e7837c3cf27a1"
.exelator.com/	1970-01-20 17:02:47	Name: ud Value: "eJxrXxzq6XKLQcHALMnIIs3E0CzVyMDQPMU4JdUg1dzC2DzZODnNyDzRcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR%252FlTgcAiuAplg%253D%253D"
.tribalfusion.com/	1970-01-20 16:19:35	Name: ANON_ID Value: aKnwQRxNeTgBeZdwQyOT761bvQgITbg4neZaWcQRyArpUH3Y7rQuR9B3hOONEYmAEQ3i5rZaXjQEagagKvB6xFurTbrsp3MUlOqOBwMKZdy0lZbvWZbk4vJs2DmBsvBXZaW
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_1305 Value: 23408-51028780-68B3-433A-8622-5829C1EB2D3F&KRTB&23413-51028780-68B3-433A-8622-5829C1EB2D3F&KRTB&23479-51028780-68B3-433A-8622-5829C1EB2D3F&KRTB&23505-51028780-68B3-433A-8622-5829C1EB2D3F
.onaudience.com/	1970-01-20 14:11:26	Name: done_redirects282 Value: 1
.onaudience.com/	1970-01-20 14:11:26	Name: done_redirects219 Value: 1
.adtelligent.com/	1970-01-20 15:39:16	Name: a281178 Value: 51028780-68B3-433A-8622-5829C1EB2D3F
.semasio.net/	1970-01-20 22:55:35	Name: SEUNCY Value: 890B99332CB5283B
.pubmatic.com/	1970-01-20 14:53:11	Name: KRTBCOOKIE_409 Value: 22966-NrGB8F9IYRQbjhjbaURUXYXn
.smartadserver.com/	1970-01-20 23:41:40	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:57:02	Name: csync Value: 127:AAJ_Bk7JxgsAACbt6CRt4g
.zeotap.com/	1970-01-20 14:11:26	Name: zsc Value: %08%A0X%ABB%C9%E2ze%B2%B9%F4o%1F%5E%9E%C3i%DC%96tM%92Q%F8%03%A0%A8%C1%FFZS%9908y%25%C9%E0%FA%15%91%17%7C0Jn%9B%5C%80%E9T%1B%D6h%E8%11U%0Fn%C8%C5%07%B6M%14%BF%B3%B5%F5%F1%98v%FC%02m%BE%06%02%03%2B6%AD%04%99ku%E6%BE%3B8%DB%89%CF%A3%24%DEU%DE%EA%E6%5C%17kgc8F%CE%9B%2F%25%FA%1B%257%8FKe%B4F%7Fy%88M%0B%DC%7C.Mm%CB+v-%809B0%83%C2%A6%0B%3B%E25%B9%AE%B14r%B8%D3%83SES%A3%C1%0C%80%3BFWk%5CW%3Af
.smartadserver.com/	1970-01-20 23:41:40	Name: pid Value: 5505691669261945789
.csync.loopme.me/	1970-01-20 16:22:28	Name: viewer_token Value: f771fae9-e48f-408c-bf3b-eee5be0fe727
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjO3MDAwMjMwshTiM9T1cTEIsXCJyHVxMkoDAMEuvG0lAAAA
.rfihub.com/	1970-01-20 23:31:35	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjO3MDAwMjMwshTiM9T1cTEIsXCJyHVxMkoDAMEuvG0lAAAA
.rfihub.com/	1970-01-20 23:31:35	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmlkamlpbmRmamIOAAfKEyMQAAAA
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_18 Value: 22947-5140084926780026029
.pubmatic.com/	1970-01-20 16:19:35	Name: KRTBCOOKIE_699 Value: 22727-AAJ_Bk7JxgsAACbt6CRt4g
.onaudience.com/	1970-01-20 14:11:26	Name: done_redirects200 Value: 1
.gammaplatform.com/	1970-01-20 14:11:26	Name: _aGeoIp Value: PR\|San_Juan
.gammaplatform.com/	1970-01-20 23:45:59	Name: _aUID Value: 18ernjholz5n
.pubmatic.com/	1970-01-20 14:53:11	Name: KRTBCOOKIE_1310 Value: 23431-18ernjholz5n&KRTB&23446-18ernjholz5n&KRTB&23465-18ernjholz5n
.pubmatic.com/	1970-01-20 14:53:11	Name: PugT Value: 1692599727
.pubmatic.com/	1970-01-20 14:53:11	Name: SPugT Value: 1692599728

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D437f72dac62c6c49%26uid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=eb1bb156-f82b-4801-4687-46190b511460&axd_pid=175 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D437f72dac62c6c49%26uid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D9affd90f022e513e%26uid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=9affd90f022e513e Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=437f72dac62c6c49 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D9affd90f022e513e%26uid%3D%5BUID%5D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=bbb47599-704c-4e2c-6bfe-0020bdebb9e8&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=5381ee60-b43e-41a0-6924-f5496f99938e&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=51028780-68B3-433A-8622-5829C1EB2D3F&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=eb1bb156-f82b-4801-4687-46190b511460&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=12071b2f-74dc-4619-45d2-aab59528a8e4&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	error	URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map Message: Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=eb1bb156-f82b-4801-4687-46190b511460&reqId=8b6336ba-99af-4a5e-70cb-68e14b730e61&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cs.admanmedia.com/sync/gumgum?puid=e_3379f05f-de37-410b-9fb7-e5188f31f259&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=1085498814&adk=2361214747&adf=2751417948&pi=t.ma~as.1085498814&w=240&fwrn=3&fwrnh=100&lmt=1692592524&rafmt=1&format=240x200&url=http%3A%2F%2Fbusinessua.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1692599723727&bpp=3&bdt=348&idt=404&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&cookie=ID%3Ddf84a35b61bb9a06-22cd698a57de0030%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_Ma-NteMOtwXJYSuWsljyOSC2dm8uA&gpic=UID%3D00000c64b2d95cfa%3AT%3D1692599722%3ART%3D1692599722%3AS%3DALNI_MZExIW2T6qp2DhzvCN-A6HPlufF4w&correlator=7762022059180&frm=23&ife=5&pv=1&ga_vid=940178178.1692599723&ga_sid=1692599724&ga_hid=2060603787&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1040&ady=1623&biw=1600&bih=1200&isw=240&ish=400&ifk=2647866859&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077088%2C31077148%2C44796632%2C44799579&oid=2&pvsid=3603909718987259&tmod=1466212727&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.mnioe35iproq&btvi=1&fsb=1&dtd=415 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.eu.criteo.com
ads.go2net.com.ua
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ap.lijit.com
api.phoenix-widget.com
b1sync.zemanta.com
banner.kiev.ua
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
businessua.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.admixer.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
cookies.nextmillmedia.com
core.iprom.net
counter.yadro.ru
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.mobfox.com
cs.yellowblue.io
csm.eu.criteo.net
csync.loopme.me
cti.w55c.net
d5p.de17a.com
dis.criteo.com
dm-eu.hybrid.ai
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
ef9f601d57fe4b11b5c5faa3947ff8e9-ks.ad-blender.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
green.erne.co
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
icdns.net
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
img.phoenix-widget.com
inv-nets.admixer.net
ipac.ctnsnet.com
ks-match.admixer.net
loada.exelator.com
loadeu.exelator.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mwzeom.zeotap.com
notify.mgid.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
phoenix-widget.com
pixel-eu.onaudience.com
pixel-eu.onprospects.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
r.i.ua
rbp.mxptint.net
region1.google-analytics.com
reimgs.net
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.gumgum.com
rtb.openx.net
s-cs.rmp.rakuten.com
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
scripts.go2net.com.ua
secure-assets.rubiconproject.com
secure.adnxs.com
servetraff.com
simage2.pubmatic.com
simage4.pubmatic.com
sinoptik.ua
sinst.fwdcdn.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.phoenix-widget.com
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.lemmatechnologies.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
tags.w55c.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
ua-content.adriver.ru
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.krxd.net
usersync.gumgum.com
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
banner.kiev.ua
104.18.2.81
104.18.3.81
109.206.162.121
124.146.215.50
141.94.170.77
141.94.171.215
141.94.240.143
141.94.242.206
142.250.185.130
142.250.185.162
143.244.196.143
146.0.227.107
146.0.227.109
146.0.227.110
146.0.227.98
151.1.205.165
151.101.130.49
168.119.72.236
169.197.150.7
172.64.148.101
178.250.1.6
178.250.7.11
178.62.226.6
18.198.126.47
18.200.152.171
183.110.238.136
185.15.245.83
185.183.112.148
185.184.8.90
185.64.190.78
185.64.190.81
185.64.191.210
185.80.39.216
185.83.69.18
185.86.138.152
185.89.211.84
188.166.21.205
188.166.37.243
188.42.196.115
193.0.160.131
193.200.65.6
193.3.178.1
193.3.178.4
194.247.175.19
195.5.165.20
198.47.127.18
198.47.127.205
199.115.119.227
2.21.20.200
2001:4860:4802:32::36
205.234.175.175
208.93.169.131
212.42.76.150
212.82.100.182
213.155.156.182
216.52.2.39
23.201.255.110
23.218.210.30
23.227.139.243
23.35.236.201
23.88.86.2
2600:1f18:6593:f608:78e4:ddc4:e083:81a6
2600:9000:2117:ee00:3:4706:a6c0:93a1
2606:4700:10::6816:1857
2606:4700:1::6813:854c
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2008
2a00:1450:4001:808::200a
2a00:1450:4001:809::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::a
2a02:2638:d::c
2a02:6ea0:c700::19
2a02:fa8:8806:16::1370
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a03:90c0:41:2801::62
2a04:4e42:200::300
2a05:d018:24:b002:30d4:cd9b:2350:dbd6
2a05:d018:d29:3601:3875:a2f1:5d10:86ec
2a06:98c1:3120::3
2a0c:5c87:5160::2
3.120.105.128
3.122.33.96
3.127.96.33
3.213.117.201
3.71.149.231
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.160.19.107
34.160.236.64
34.241.158.58
34.242.87.156
34.247.205.196
34.252.154.12
34.95.81.168
34.95.81.88
34.96.105.8
34.98.64.218
35.157.245.159
35.186.154.107
35.186.193.173
35.204.74.118
35.210.239.72
35.214.159.30
35.227.252.103
35.71.131.137
37.157.3.20
37.230.131.16
38.98.69.175
44.205.87.2
46.228.164.11
46.228.174.117
49.12.83.94
51.68.39.188
51.83.220.94
51.89.9.251
52.212.242.190
52.46.155.104
52.48.19.12
52.7.201.242
52.70.223.235
52.95.122.74
54.155.55.68
54.165.154.245
54.174.89.161
54.72.199.212
54.77.204.84
64.227.64.62
64.58.116.142
64.74.236.159
65.21.224.187
65.9.66.104
67.202.105.34
69.166.1.34
69.173.144.138
69.173.144.139
69.192.160.219
70.42.32.31
72.251.245.181
76.223.111.18
77.243.51.122
8.2.108.175
8.2.110.206
8.2.110.24
80.77.87.161
81.17.55.109
82.145.213.8
85.114.159.118
88.212.201.198
88.212.201.204
88.218.242.3
91.210.190.92
98.98.134.241
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
00b923d74fc40605b62bfff096a978bdc22fe6ba31a9a84bd7d813c37e4b0d30
015fad11b2e63a0e4db70b84205aa791619edac52656018242d5dc10beafcede
036742a67d055b068e8aa8641fbc5fc15faa8ccb4a2c454fbc476467000bb082
03caebb158fba9ce6b4c9513a16916462bf10d38437ae07940fb89b3f2c8db67
051a3711514a1d8e5e925eb08e886d40d23a14e305ff4982e8c808cdac888b09
05caeeef9ae71fa3c6b712ab18e22b95059b3fe68451f031b589cb9abb6f7ca1
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09936f581354442175379b9b596cc86ae0f11e13f37078547d62af198ba2bb2c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d50edb793843f94c83c854d19285f3658f6d64236d37f51996ab1f4e8ce68ce
0dfa5458e347fb719e4a01fc7d13f6ec3c81b6c5c392d7117073c8d39b2ed285
0e888b39b65915ddee6d18200e2728efcf0c79a4fdcec0a30de73c084170313b
0ec4cd946d00e2d74c0b2d0af9d899027b2611fe2003759573f674076e61d60e
0fccc1181f41684a036e7712e92215395e5c2605b469b4f082b57186d7309ac3
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
124eacdf42d3e77a5f673116c002b35864d1b19736bc30bf4be913635857d7ae
132caf8501ded4f80c9d0f356acacb6e7146b8309406e593911d9bed72514ea5
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
15eb8e35f93d0e74a7a4daf5c375423930e2174ce51886090e72c54622229caf
17479fafb1a5850c544a263a606eae0ff4b970dbe16e152f944bd43c41e9c7ae
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a12d32480ae6045773f1ef841fc428b08e82f5b0c6e3a128f23fe0a1741b050
1b24ba95379d71a5be4bbdefeff8c7d7c4a0a085b60a686d2ec5c0a5cbcbdc74
1b2505fe9457bf0337bdda6b09c9fa8d804f9c824d2eb77aa2266277b602100b
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1b92731d2613adbbaed3463f58f366fcbe349aa588b325b2ffff863b4e7469a4
1e6cf9b4f56e26a01392796896866f67883feefb779236dd5bbc766b2ca31466
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
234cb29532d7874f3ffcc445e78babc24f00ed47c90c36fa70ed9d3df19ce2f2
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
247487e5c8e756cc99c1d14f2494b027819eecac4aedf9ff01b6446459b015ab
2514118d56b941acd4b49ceda428af6a0211b20e7e7514a667330411c28fe295
275be2c7a3483486f1cc5ce3f37b50cd2e708d08d42ecbfc1a5e4defd712816f
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b56e07a770ef4957105d9a36287a2bcaa51348bc5799a17ce4775971ab17e57
2c559b652b9464a184116bd83748f9a6f29ad64f70eb4d1926e57b240e28799e
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2ddff6ca403e408b50b61256db50543365aa711936908182d7edbc23bedc106a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30f762bb88e7ad6754ff9638fed1a145d4faaf40932ad4a44ee6e837570d3363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
386cffc306300930d11390e7ef3b437fe902b5d7363167fa2f1f33d8dcacf5f2
38b185696f18bcbfb77b97882a86f29fc326f44bbc7e46bde2969d904a8407e3
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bfd355e35b972638ac8e77174eeb44841fd6501ee17b7404f80efd7f68b0e64
3d866db783e818badcb986cd3873d35307f5546f379802d133b45f0cb5c79be0
3d91c5e4ee38dda506b44691d322978b5f4909e2283204daa6ce352f9aa4e452
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4a583ff1973d2f6da2273d89c8ee8b0519c5cf44983f05eede9afbd43d82cf
3f553645b1ae8bb42c524645dd6864ed03b7112b169fc177a74bef5dc192c368
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432a5917e5be5301a520ddedea696ec8369542d0f1242539fc301f92a55b8956
435bc699146dcb3b9147ae9779ea4d60b08f496795e8afe05054892e38102351
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
459f394cc5816e35d3ae63a98051dfc78d083bd62caee96fcf6ae2ff1000de91
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d94e9c57387ee59b251b2098475f773e5843c41b2716af6738be24d4c004e7b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fa5909019842e1ae38cd0b218c7550806707388ea19a279d41a2913d1f9c9dd
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
52c69a9e19f7dfc17f594b8b0c2b16a319e55b9f1c85d3c0f8f6e99cc84b25d2
52ef9f33cdc2e8db9ca26a47ef7ab531704d46df0a41a4d2dc1674bbec2c65bc
5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f34b9aaafeae301ea719d4d3852fadf83b252116cde7886f50472d400de7bc
5733c1307f82f1673e757b722ca6d26f1358bfa2658749079ec473be39bd20f3
57e2b7b17abd12110b867e37838e567932747a2a8744068a6b2bc7fbd79aa455
59ec0f8b9e3faec4e5d11d5df374c59ccb009c2f73dcf059e6d3dfa568a6a4fd
5a78f4b2c547b6d552ea5343e1de8a5d318575e7012cc9e33b570b6833174a4d
5af54c80c3d53db49459706d98e7ae8a3d49b6c5916f8549bc8a434a8a763ed5
5c01f7ce2bfb7de66c055e3579549a06fb0e73349bc2feb589db74c5e2410e39
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
603301ca857f0d7e31c6b84bf41e4d6d9058d2854cc60c2fa6e7f85f19599c91
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
64b77ee57e6162b6332f6ed5056599c1a13be92ff673f11c87bd443317a46543
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6641a317329e8b849784685cb7f2f362837a24145fdbfe25b1fe16f8cc7cb857
67933ebbc800d176d36a57e64ab5a28131909e73d9753c71878e6fa112e47817
68af52b37053d7a12a8776f8b8734fd8494f5d2650e957d464bbd0117abbb782
69ec2f978883256d03da81a23d3a0ea7c9d8ac11866c3f5064e3b02a94613976
6a537d9f4dd03ba1856a3f2cfbb95acade65539d4ba82b7acd3509a49683191b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70adb2d1dc931fc47995cb49d651c51f7615222fa5a6ff577df3ef9c94360374
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727576b01189addb880f8fc106b69833b52e768248051074c21e2d6b4e450863
72ca6693dd9a9d65b48392f863320aa4ded0b042ab3b8d06e33aa5beb5ace7dc
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73f6ba54ac390cf8ee9e9261986e015bb1356d0a7367d62e1efc776891332d39
744efb4de5c611a78687573c16aae4f4deef00f9d7f06295e9f251d91b612e47
757727f42ed75849123b613ab4c6badc0448c1e6e4d5e3d2de8467eb626bbd2d
77433169eb480eb9c4d5d5cdb22498f6de3ed2dbbd127efb27cced42a58050e1
7746193042c3e083de7d669d7f12db1d6900329d6852ef70ccd242ad1b7ac201
775ca0c7c84154701f12473ee0a56c168245b96ab1f47943503d3fc4f8fc8770
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b
7a5ca9f359fe6fe948e9e480feeee623cffb2e414352e14cf00492b7d6908d76
7d314c86c0f0f0426a832d63996e043fd3c4aee476be12c62915c479460a8411
7de6e97ff042d5233cc48cc4808d5f1f48f5a4a44a73b825fe8f86a2e13759a7
81544b6d57310230c6737a29264d402090f89fd4f69c5cf2ddef8ef89526b265
81ff48776f63da4d9abdc89f0c4f6f8c9534b21a5f1789940a0f081bfc8ec833
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
826c62801d962426490f6889f5783c5a8763feb102114e4d7f34b36532e56969
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8718a8ae273f7ac06037cda9b076b360804967e83503832278cce84e4f6c5b78
871d6e1e89972eac78315604568b4369365a05ec4e877ff4fb2c3277493204c5
882b945c02d86ff90b5c7610d1f1d64712692f52073572b71f8f9c6bbab142e7
89bdeccf0543282acb2c83614c02dffb38b872230cfc23a008cd5bb70b538015
8a320d2d29204b865858f5f35bcaadf3065a62a9976b6813a26be033056ebba8
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
911fb8f3c9457ef89d35dd21dedfc00e7dd2eb1c64406567f5523a60e2d4ab16
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9432910549ed60750095a9fabff1716827fbb61a9270cd5c680f41c8ba8ba031
94d72e33cc069497ce3b8dfed8aa61ace94356301bb7b75817a829e48423f399
951fdee90d634d89a2dc2140bd1afaf1248477098b9c439650406ccdbd982d56
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
9652646e4c2f516ef05a7f8ded2e572eda59d09fdf976612ab52970072e20353
96aaf5ae3e0efa99c94caabfca0a49af5b4bc22a5ec2f3d0b89fa2752c9e093a
97a4b3eb2e6b3172adbd1396b0fbe4f511f476c075faee634a6f786ae093c9d2
98a47cc3cb7e1134fee55a06ab085279d1e15db7d8f9f960277a16021c59c5ce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98b65807e5d0c48fe0f41c2be2c7fe83fb1b00be3588a2a40aef0de29b909cd1
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
999ad9e278c7120fd946730c476eaacb43e38476d776bfc685f6aceb2cf9bb1e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4b84fd1d67cd6a149017fcb087092660c493c4244d43a4abe5e6c2a73e7dfa
9e0741dd15bb9e17e10391c78a7a202d7d11aae647ce3ca2dac1cedb6619adcb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c10f0d87cecdd308cc2ccc0eb7bd815d33fa4fa3deac19c8f4e1be090fb5cd
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a54487daab6d1229f4476fa0f59f16c97a220489b15ce50c781762c3b28f4d29
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9b65509a867bf15e60b0e39630792ab66b50a5e9fe810a251fb51c6589a6f0b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a1aeb5954058577f1bae4c66477d62a279297e37ce8cd6d1fd2a5536bd203c
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b56fd6fba6303d72dda87e55ce9bb70fdf0376de22e9d981e8d6fcc7f65f5c7b
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
b6aefe3e96621fbd6e753364ada0e185fd4cce9f6e7e2ae32300fff52e8ecfa4
b973641f7213cb908cafc21b93118b5ef5c03d19eeef95fba028dc7cadf85544
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc42e3239b0356ac32f43e6ed5c747f7609f205617fcb3d2043fe674dee7e3eb
bdb08ea5b971c8e6950c3e0e79f1e6776b013ea696af8f591faf4c35e23c890c
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33ebd244a05af7afc3ccae0617981f390009b6368a07e1b53e341f961ece910
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c58feb32d47e379cdedded0568339f0db476feadfb7fa0e8c49e3de755108c74
c5bd22445d2f97204360724b634ed76bcedb05ae689b9c4f6d2404b5362cc580
c782e9ec68cb5973fc5ce1b2852b6ab88a4576bbcd9ef1270fc93736ad23b752
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c85ef490276990e9ae9c0e869935a8c32503a372e5c2c2e0b6daf4240759ec91
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
cab9e4fa6b7205bf816af2b8c1dac65ffaabe1b9124212dd0661322226e719a0
cb3f2d6cb2e60071070e24810249b0c04926ace3d92b09f79d7c33bbe72ba4bb
cdc53b171ad9fd2178fcbda5bc5dfcfdb97d9c68715e0938897b2a0be419d62a
ce7b699aac2647df3ae4d38138565a8486e5bd0d4c14e73275d11f563d42bd7b
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7bfaa0297903fa6d291c8644972e998cccf99320951c07d9a70ca6d13d42e5
d0a9e46b51a35ed66df52c4a5ad31b2a5d03a4bcb4167945ad49715bac474494
d41f2f63ffbb0eb141c567d7b8ad4d34be560310bbf8fb8066e57dde2d41cee2
d4effea06218af4b8e9983d070e9e282cbcf97119754ed86162746345123a048
d66263b105f5833e2b45e1dd4b69b17357b13703d4777ae80ecf38c1def1fcc2
d80ede991d0b4be8bad371ea59b491cf5452cb6c3132b1358a6efca96fa6d2ae
d89e8fd1059d6a8a7b0d9835d0a82199f355774ad0d5c518d85cb083b1b97d90
d9b6d9af90c58d96a590b88654d83e13d123afb1579fed0708ba4de2e8db587d
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daffe282d5d0945f881b2aaa48e24dbf4531056c6ff48550244031639d74dd83
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd169d3daa4b4b294ec5203b03b00797a2b950453a23e5856e211b868ef143bd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08e18b262aa23c4015fa2e1a41048d0a4a4f578aef0cd5b1f66603c2166e39c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018
e639a498db65b001efa936a3369ea5f1bf4fef8fc78a7330fc1cc7f5594b0d34
e80c687eb076b13c095ae7b1c33bfe930b9f3056364888ee10e856d7d3ddbc6a
e9f0bce617384e371261b8be66f44ba84afcbdfe93807e6f2d51d7dc0b5479d1
ec0baa8fc113d06b31083d72dd68c2994a3392ef9a01afbad21c8a150b2de185
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4410f941182dc0d07704c0651029e32aa0a0183dd07634baa3fe56c382475e6
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7febeab1d3a3e84da74e27b92f4fed2f67d4522bd4a912130891bf9c8f5db8b
f82ce4491c6e55b92505f61dd8ee60657a065241a97842866aebab73a5611bf6
f886059d48e9f54faa7d886208fe94dcdaf6713cdbf1c65367264c850e177d96
f8ee431f1a979a82ead17921fa698a59f07b7cecd81a0f9a124130de446d4212
f930509ebac4d0fe907137b7d065293ffb589ffa3b25c5022a82c28fb3510c28
fc97be0205a0dc59b10bb3a53575a548b7ba1ffadc16aeae7756831647cc859c
fca014dcee5d093cf8c04e9074e0f339484f863977c33ecb83e64664f5d732a9
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fea4cdde6f552b44b1027e9d37c879224b25a9fd6e3c17cb8d9f334810768848
ffbbdb917a08d399b7e075624930914a8a0674155a41acb42a135fa70efb5745
fffa5f4ec639b79d01e8eea7483dcc39cecc151e0399aa2f668f3e3e8b706a2f

businessua.com Open in urlscan Pro 91.210.190.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

702 Requests

71 %HTTPS

21 %IPv6

131 Domains

194 Subdomains

129 IPs

23 Countries

5057 kBTransfer

9315 kBSize

170 Cookies

14 Outgoing links

Redirected requests

702 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

businessua.com Open in urlscan Pro
91.210.190.92 Public Scan

Screenshot
Live screenshot

Full Image

702
Requests

71 %
HTTPS

21 %
IPv6

131
Domains

194
Subdomains

129
IPs

23
Countries

5057 kB
Transfer

9315 kB
Size

170
Cookies

702 HTTP transactions
17 data transactions