gramhir.com Open in urlscan Pro
2606:4700:20::ac43:46b7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gramhir.com/search/waleedrapper
Submission: On December 17 via api (December 17th 2021, 9:45:55 pm UTC) from LU — Scanned from DE

Summary HTTP 188 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 60 IPs in 12 countries across 66 domains to perform 188 HTTP transactions. The main IP is 2606:4700:20::ac43:46b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is gramhir.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 1st 2021. Valid for: a year.

This is the only time gramhir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:20:... 2606:4700:20::ac43:46b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:310... 2606:4700:3108::ac42:28fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	141.95.3.9 141.95.3.9	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:20:... 2606:4700:20::681a:9b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
3 12	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
5 11	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
7 7	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	145.239.1.221 145.239.1.221	16276 (OVH) (OVH)
2 3	85.90.246.246 85.90.246.246	63949 (LINODE-AP...) (LINODE-AP Linode)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	51.77.65.176 51.77.65.176	16276 (OVH) (OVH)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
3	3.214.202.18 3.214.202.18	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:236... 2600:9000:236e:6c00:17:8296:f1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 3	34.248.204.54 34.248.204.54	16509 (AMAZON-02) (AMAZON-02)
1 1	23.88.75.188 23.88.75.188	24940 (HETZNER-AS) (HETZNER-AS)
1 1	34.237.23.137 34.237.23.137	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	72.251.245.181 72.251.245.181	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	188.165.4.142 188.165.4.142	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3 3	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:6aba:1333:1e2b:7cf5	16509 (AMAZON-02) (AMAZON-02)
8 8	18.195.177.130 18.195.177.130	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1 1	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.232.150.150 193.232.150.150	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 6	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
1 1	47.252.78.131 47.252.78.131	() ()
2 2	89.108.120.76 89.108.120.76	() ()
1 2	2001:6d0:4001... 2001:6d0:4001::226	() ()
188	60

23 2606:4700:20::ac43:46b7 (United States)

ASN13335 (CLOUDFLARENET, US)

gramhir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28fd (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:9b2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 96.46.183.20 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.172.123 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.1.221 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: adn22.smartstream.tv

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.90.246.246 (Frankfurt am Main, Germany) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1429-246.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.176 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags12.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.214.202.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-202-18.compute-1.amazonaws.com

mfad.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:6c00:17:8296:f1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.mfad.inskinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.41 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.204.54 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-204-54.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.188 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.23.137 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.4.142 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip142.ip-188-165-4.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.248 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.195.177.130 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-177-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.150 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp17.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.172 (Muehlheim am Main, Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (None, ) 1 redirects

ASN- ()

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (None, ) 2 redirects

ASN- ()

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (None, ) 1 redirects

ASN- ()

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	65 KB
23	gramhir.com gramhir.com	364 KB
16	doubleclick.net 7 redirects pubads.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	286 KB
14	googlesyndication.com pagead2.googlesyndication.com ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com tpc.googlesyndication.com	83 KB
14	adnxs.com 6 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	44 KB
14	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com	34 KB
14	criteo.com 4 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	9 KB
13	betweendigital.com 3 redirects ads.betweendigital.com cache.betweendigital.com	9 KB
8	bidswitch.net 8 redirects x.bidswitch.net	5 KB
8	adform.net 1 redirects adx.adform.net cm.adform.net s1.adform.net c1.adform.net	35 KB
6	setupad.net prebid-stag.setupad.net	2 KB
6	4dex.io script.4dex.io mp.4dex.io	47 KB
5	bumlam.com 5 redirects sync.bumlam.com	3 KB
5	addthis.com s7.addthis.com m.addthis.com	217 KB
4	criteo.net static.criteo.net	105 KB
4	inskinad.com mfad.inskinad.com cdn.mfad.inskinad.com	30 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	adsafety.net 3 redirects cm.adsafety.net tags.adsafety.net	7 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	setupad.com node.setupad.com	625 B
3	googletagservices.com www.googletagservices.com	90 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	707 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adhigh.net 2 redirects px.adhigh.net	820 B
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net	834 B
2	google.com adservice.google.com www.google.com	2 KB
2	creativecdn.com prebid-eu.creativecdn.com	346 B
2	a-mo.net prebid.a-mo.net	610 B
2	id5-sync.com id5-sync.com	1 KB
2	stpd.cloud stpd.cloud	285 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	sniperlog.ru sync3.sniperlog.ru	516 B
1	clientgear.com 1 redirects event.clientgear.com	262 B
1	playground.xyz 1 redirects ads.playground.xyz	460 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	simpli.fi um.simpli.fi	616 B
1	iprom.net core.iprom.net	277 B
1	ad4m.at ad4m.at	915 B
1	erne.co 1 redirects green.erne.co	326 B
1	adgrx.com cm.adgrx.com	408 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	651 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	smartstream.tv 1 redirects ads.smartstream.tv	823 B
1	google.de adservice.google.de	792 B
1	addthisedge.com v1.addthisedge.com	738 B
1	moatads.com z.moatads.com	1 KB
1	googleapis.com ajax.googleapis.com	31 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
0	gumgum.com Failed rtb.gumgum.com Failed
188	66

	Domain	Requested by
23	gramhir.com	gramhir.com
13	simage2.pubmatic.com	ads.pubmatic.com
12	ads.betweendigital.com	3 redirects gramhir.com stpd.cloud ads.betweendigital.com
11	ib.adnxs.com	5 redirects stpd.cloud acdn.adnxs.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net stpd.cloud tpc.googlesyndication.com gramhir.com googleads.g.doubleclick.net www.googletagservices.com
8	x.bidswitch.net	8 redirects
7	image2.pubmatic.com	ads.pubmatic.com
7	cm.g.doubleclick.net	7 redirects
6	prebid-stag.setupad.net	stpd.cloud gramhir.com
6	eus.rubiconproject.com	gramhir.com eus.rubiconproject.com cache.betweendigital.com
6	gum.criteo.com	3 redirects static.criteo.net
5	sync.bumlam.com	5 redirects
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net gramhir.com
5	ads.pubmatic.com	stpd.cloud ads.pubmatic.com
5	mug.criteo.com	gramhir.com
4	static.criteo.net	stpd.cloud static.criteo.net
4	match.adsrvr.org	4 redirects
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
4	script.4dex.io	stpd.cloud script.4dex.io
4	s7.addthis.com	gramhir.com s7.addthis.com
3	sync.mathtag.com	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	mfad.inskinad.com	gramhir.com mfad.inskinad.com
3	cm.adsafety.net	2 redirects googleads.g.doubleclick.net
3	node.setupad.com	gramhir.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	adx.adform.net	stpd.cloud
3	secure-assets.rubiconproject.com	3 redirects
3	www.googletagservices.com	gramhir.com securepubads.g.doubleclick.net
2	www.tns-counter.ru	1 redirects
2	x01.aidata.io	2 redirects
2	sync3.adsniper.ru	2 redirects
2	ap.lijit.com	2 redirects
2	px.adhigh.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	acdn.adnxs.com	stpd.cloud
2	ad.sxp.smartclip.net	1 redirects googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	stpd.cloud gramhir.com
2	cm.adform.net	gramhir.com stpd.cloud
2	pixel-eu.rubiconproject.com	eus.rubiconproject.com
2	image6.pubmatic.com	ads.pubmatic.com
2	bidder.criteo.com	stpd.cloud
2	mp.4dex.io	stpd.cloud
2	prebid-eu.creativecdn.com	stpd.cloud
2	hbopenbid.pubmatic.com	stpd.cloud
2	prebid.a-mo.net	stpd.cloud
2	id5-sync.com	stpd.cloud
2	stpd.cloud	gramhir.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pubads.g.doubleclick.net	gramhir.com
1	sync3.sniperlog.ru
1	event.clientgear.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	pixel.quantserve.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	cdn.mfad.inskinad.com	gramhir.com
1	tags.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	s1.adform.net	stpd.cloud
1	www.google.com	tpc.googlesyndication.com
1	ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	ajax.googleapis.com	gramhir.com
1	www.googletagmanager.com	gramhir.com
0	rtb.gumgum.com Failed
188	96

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-01` - `2022-08-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
node.setupad.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mfad.inskinad.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
cdn.mfad.inskinad.com Amazon	`2021-03-27` - `2022-04-25`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.iprom.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh

This page contains 39 frames:

Primary Page: https://gramhir.com/search/waleedrapper
Frame ID: 546ADF13B04FA430ACA80D9A7FE02E10
Requests: 36 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 248449710BD1B4D5EB83A7B52F4883AD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B7E56FCE73E1701389A29B80658AA2BB
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 2CF8FD200038C2A56E59D0071EC5CB48
Requests: 28 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 94696656E74939FBF004E2A6F13714B2
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 26E2151E0C14D344F9E45E7BDF3647B8
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: F7DAD525ED9957AEAE83B546469E8234
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 6FBFB3FB7FD34B49EB984FBD29A40214
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: D683FCB04CCCBF695A8B0DB2621524FC
Requests: 1 HTTP requests in this frame

Frame: https://ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: B2FEC191D5C8BF17C159AEF62CEE5192
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9255687BACFA6B9BAD6B087722E52B45
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14AEBD89A636415861F8136435321756
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8qkIYKHZ0xiFazfvyI7SJS8HiOh3pIbSc79eh6NKD9bcq7FxdY0GUJ8IcvSZLB92p_Rmr6k9lGNX8jH1aCdddCcKdjlCT7frUetWG7VAeeFKBtKsDvwT5-lzSsu1qWWqIYlVXmasJQl0CfRxgNfyDFr4BJir_dKeh0hrZ20ZqBvkwm2pWThmCkteOcUda8dz4mfn_WCkM0dF5UEUFq3_qmXERqVykoQN3pezJH8FDgAMJ75zLH7Ph5i5cMq8ctZv7zVwNFayuUl2P8ZQxKr77CcObPkT20dSkcgUyU-IXNH25e0NEHq1XYJjqL8fp3xttkz6BUYEg4pGM&sai=AMfl-YQSr5-YlNuHj9iD970_C6U4UvamEC7FNpg1fFFKGE_W5NeBVT2Rmhs8aNqkTlVqE8q_Y7fu57WMCmgHmntS02CCYdoEAfYMKRtB1zNZwem_UaNb5DcgvopOG1f3tX5J&sig=Cg0ArKJSzF4EIPV3HS07EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 19ACA81D806BBDDF4CFA1B15F884E4D9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeYigEQt8ShAhjY7pa7ATAB&v=APEucNUhJKD-_9OhAUG1-2thlvgpASEaYKRPaGKxjcgGlVA1TL5wbOoNpX6oFSvJc0zvSk7xkTuxjGVypqOiGM8paA3_4aJskMnyKgwMPJWRhQM2dCfzbQKcGVeIQDOc57ooH5gCApfAk5etXrwSglnrXJxidZvJ2l2fQQYKfbbXkEPiSplqGtMvuR-D_Ix7bOUtHJygKlBY
Frame ID: F9B541C96872D7C95415A4A12609650A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4578B5E5A45615411DFD5B08AD786E28
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gramhir.com
Frame ID: 78F186A86C1A817D0CEA52A9C22AD395
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 762B537FEAE167DCC0E54CF3E794AD0A
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 32FC0F3D214A2F52D5C751A916F616F8
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E267C37016D0A7BD27A84CDAC793AB56
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 1A07F7CFBD4D303A241F8436699C2907
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D039725672896C45225C94809B6C6567
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EE66588A9AB4306FA2545BDB6ECFCFE0
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C17BF74D-B808-4180-9230-7C6F90106ACF
Frame ID: DD923D660BC6DFF95114252AC45AC066
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1911885660412990069
Frame ID: C07A9C93F5F872EB40CFCB525E818B7C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9D8560FCB76267930B3B70B730416DAD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042790967150114970
Frame ID: B85FDD044BC8F8FFD53BA98BAEC34C8D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yb0FEgAMrIMQKQAz&gdpr=0&gdpr_consent=&_test=Yb0FEgAMrIMQKQAz
Frame ID: 6ED037D43682931C6C07F9FF7939BC79
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: DA1F61DE7DCD4F7AAA4008B739BAC1A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 880B7B0CA396D71DE17E23FA2A4E96EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rrxSQL1wQvd8L7hj0GXRSlvHdk8
Frame ID: A15DA7FD6DDBBDE758AC1298C82A044C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003
Frame ID: B44F1E91B9CD9808DF3D22B08C4C01F3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8DDBDF4E8A93ED68E2EF569B991438D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eyKY5MKKw6YbOhsw119aX_8Z
Frame ID: 47BCC08F07F412B0001819BDD0D316A5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 8AC966C3B70A4D1719A69CEF3E8A7841
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 8260B9D9300A3C93057A74CAE8C176CA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A408A7D378A318D77703BD8E7AA1F8A5
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1cf8baf8-b5c5-4fa5-8c6e-dc0a492848d1-tuct8b68a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: ECCE8D21FC8E81488AC86DEDFD3A1723
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9bf69ba4-9990-5360-8033-ca97e18ecf99&CACHEBUSTER=415095
Frame ID: D93588F706F8C96EDA121AD2F251C40C
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 349EB87B3FDA7E47EEA46929B1EA59C7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

waleedrapper Instagram search results - Gramhir.comFacebookTwitterWhatsAppPinterestMessengerEmailAddThisFacebookTwitterWhatsAppPinterestMessengerEmailAddThis

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

188
Requests

81 %
HTTPS

30 %
IPv6

66
Domains

96
Subdomains

60
IPs

12
Countries

1793 kB
Transfer

4919 kB
Size

103
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgramhir.com%2F&domain=gramhir.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sTpPjHxlVjdhVVlTeEpyMVFEVklsQWpMSnlLUzdlRnBiZ0h0NFVJVWdyWm9DL1ZRQ0JxSkNGS0I4d1FjVUQ2ZEtRYlJZSlFOMlVRUzNBTGh0QUlGbFlKM1QxbnhkL3ZFZWdQZVFxK3NnTmhNbDl2SDJSRHdSaTg0YWdvNHNEZk4wNUhvVDMwanc0eHVGcGdVZjUvUkw2VEJKandMcUZwSXRxaW1JcE93SWNGVDVzbnUvUEFXMTFzZG9OajJlWFB1Y1Y0aUZwZ3o0RjdlUjJRZVlQZHM4TUZkZzE0MlNNV0xZU3RZZXpESHhEVE84cWRVPXw&cppv=2

Request Chain 41

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 44

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgramhir.com%2F&domain=gramhir.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=OCBeX3xZeUhJQUJZQUVBMlNKUUU4Z1V6Y0lZaVVabVZaVElDeDBZdCs1T0lJbVBRM1lGak5UWnFaQWVxTzY4NkdYb01rTTN5bkJ3YVo5Q1NlcnBsTC9RdUsrOEVoN3NaV1NvdlhRUnVYVHZRU1JPaWFmOHNiRmpDWkFFVVB4NGpmNGk2S01HMGNmNEJOL0I1NTBnb1FaTTVRdm9oR1JzMThSOHFGK1hDUWM2NWRUYWdoZit6ejNPeFVOWFN6SzNDMjg0MXZiSm9ubjJFdUFPVEllSFRGd3V4SVM5SFFBbmpEa3lhaG93VFZKNFdWMFNJPXw&cppv=2

Request Chain 47

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 54

https://ads.betweendigital.com/adjson?sizes=1200x300%252C1200x200%252C1100x200%252C970x250%252C980x200%252C980x180%252C980x150%252C930x150%252C970x90%252C980x120%252C970x240%252C980x240%252C980x90%252C930x180%252C950x90%252C1100x300%252C1000x300%252C980x300%252C970x300%252C1000x90%252C1000x100%252C1000x120%252C1000x150%252C1000x200%252C1100x210%252C1100x250&jst=hb&ord=3758245874946049&tz=0&fl=0&rr=direct&s=4463960&bidid=143ed783a09bdee&transactionid=97dab22f-7f61-46f5-be3e-c88983d9fa17&auctionid=4893cb8d-5805-413d-be5c-1e0946fb66b1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper HTTP 302
https://ads.betweendigital.com/adjson?sizes=1200x300%252C1200x200%252C1100x200%252C970x250%252C980x200%252C980x180%252C980x150%252C930x150%252C970x90%252C980x120%252C970x240%252C980x240%252C980x90%252C930x180%252C950x90%252C1100x300%252C1000x300%252C980x300%252C970x300%252C1000x90%252C1000x100%252C1000x120%252C1000x150%252C1000x200%252C1100x210%252C1100x250&jst=hb&ord=3758245874946049&tz=0&fl=0&rr=direct&s=4463960&bidid=143ed783a09bdee&transactionid=97dab22f-7f61-46f5-be3e-c88983d9fa17&auctionid=4893cb8d-5805-413d-be5c-1e0946fb66b1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&crf=1

Request Chain 70

https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=4937521622431946&tz=0&fl=0&rr=direct&s=4463966&bidid=202bfd0615842dc&transactionid=128517f7-46ab-4a22-9a68-46891d468028&auctionid=c93f503d-af2f-4046-ad2a-0a3c9dc83928&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper HTTP 302
https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=4937521622431946&tz=0&fl=0&rr=direct&s=4463966&bidid=202bfd0615842dc&transactionid=128517f7-46ab-4a22-9a68-46891d468028&auctionid=c93f503d-af2f-4046-ad2a-0a3c9dc83928&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&crf=1

Request Chain 85

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8973840179362310736

Request Chain 86

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=3762983755526643529

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEPLps6i97nyCovUDsHGYguM&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEPLps6i97nyCovUDsHGYguM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=f0c7d30d8e69a86e645d2afaa6d0d3bd&uid=f0c7d30d8e69a86e645d2afaa6d0d3bd&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=admans&ttd_tpi=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=ttdx&idt=100&did=7d1eb309-f165-4d72-88d7-117cfec90412 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM120211217218fd70c528dfc3199256&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Ddefault%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=f0c7d30d8e69a86e645d2afaa6d0d3bd

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEIRWuxmTaxdWsC-XHy_vNl0&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEIRWuxmTaxdWsC-XHy_vNl0&google_cver=1&ang_testid=1

Request Chain 129

https://gum.criteo.com/sid/json?origin=publishertag&domain=gramhir.com&sn=ChromeSyncframe&so=3&topUrl=gramhir.com&bundle=k6OXJ191VXpQMVdKUFZkWFNySThoT1V1a2FoTjRZOHclMkIlMkI0SHlzTkZQMWFseVdvSWNUajNBUEJ2TmdLaVdRa25HbTVFMmhHRWNTMXEwSjFOZXJPVW5Ta25kNnZOSk1XQjAzclhVZ3JWc0dPSFBnUkV2cFNETUNrSnloNFppdmtyNERiRHo&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tdb15nwvcmQ1SHR0dnlxb0JuY05jQklPSlFkeVBGTGc2WUNoTGh0M2F2eHVPWmsxOWEvaFp6cjdXUi9OVWhBV0l5dkFXMkJXb3V6WjlobU9DQ1VKbzV5YU5nWmFXeTNFNHRnM1Nzd1B2QlJUOU94elY5YWw2V3dsZ2J5QWswaS9qSW81VWV1akEzRDFMU3BtWDh3WWJ1RWlDRTZxdXRQWHJKSGZXTitTQ2JKUFFTMHR0aVBRRlBmR0lUWElSR29MREpqcnlySU44UHBQanVRUC9zZnRMRzJTUkdySjZxM2N1V09yVldqQ0xGWE8wWTJBYkNjc2JyQXM0SjNBSTVta0d0R1JpMUx0NVNsRjIyOVRxYmZmVTFSYU5wSkt3OGh0UEpaNE1hV2t0T0pvZHlRND18&cppv=2

Request Chain 138

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1911885660412990069

Request Chain 139

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 140

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042790967150114970

Request Chain 141

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yb0FEgAMrIMQKQAz HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yb0FEgAMrIMQKQAz&gdpr=0&gdpr_consent=&_test=Yb0FEgAMrIMQKQAz

Request Chain 142

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLNVNVN0RlZ29BQUVDU2lnc1FNQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 143

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 144

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rrxSQL1wQvd8L7hj0GXRSlvHdk8

Request Chain 145

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837253409 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7d1eb309-f165-4d72-88d7-117cfec90412 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003

Request Chain 147

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eyKY5MKKw6YbOhsw119aX_8Z

Request Chain 150

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 151

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1cf8baf8-b5c5-4fa5-8c6e-dc0a492848d1-tuct8b68a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wXv3TbgIQYCSMHxvkBBqzw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 153

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=214161bd-0512-4100-ac66-89fdefea3e66

Request Chain 154

https://pixel.onaudience.com/?partner=214&mapped=C17BF74D-B808-4180-9230-7C6F90106ACF HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=af3c883343ba6fec5251ef8402004e3a

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE3QkY3NEQtQjgwOC00MTgwLTkyMzAtN0M2RjkwMTA2QUNG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcS_6STB17M_s_OSkvzknA&google_cver=1

Request Chain 158

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&gdpr=0&gdpr_consent=

Request Chain 159

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7d1eb309-f165-4d72-88d7-117cfec90412

Request Chain 160

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3352462481639665022

Request Chain 161

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8973840179362310736&gdpr=0&gdpr_consent=

Request Chain 162

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL

Request Chain 163

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C17BF74D-B808-4180-9230-7C6F90106ACF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C17BF74D-B808-4180-9230-7C6F90106ACF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJU8OSVE2uUUZnVW8qv96pLo1TTr4O4-~A&gdpr=0&gdpr_consent=

Request Chain 165

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=9bf69ba4-9990-5360-8033-ca97e18ecf99&ssp=pubmatic&expires=30&user_group=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 166

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2373281510821007953&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 168

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 169

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:516088a6-3eec-4e3d-b163-ef6ea8e5cec7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 170

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8973840179362310736

Request Chain 171

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dbb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=013c61bd-0512-4900-bf48-fb2bdf1b36da&expires=30&ssp=between&bsw_param=bb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c

Request Chain 172

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=85trpsnytxS.AikABlF9ylvPlg

Request Chain 173

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=adc8f4e8164a475d263fa4c7

Request Chain 174

https://sync.bumlam.com/?src=bw1&uid=9bf69ba4-9990-5360-8033-ca97e18ecf99 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiSivSNBlIFvp7KygpiJDliZjY5YmE0LTk5OTAtNTM2MC04MDMzLWNhOTdlMThlY2Y5OQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiSivSNBlIFvp7KygpiJDliZjY5YmE0LTk5OTAtNTM2MC04MDMzLWNhOTdlMThlY2Y5OaIBELXbaphfghHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiSivSNBmIkOWJmNjliYTQtOTk5MC01MzYwLTgwMzMtY2E5N2UxOGVjZjk5ogEQtdtqmF-CEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiSivSNBmIkOWJmNjliYTQtOTk5MC01MzYwLTgwMzMtY2E5N2UxOGVjZjk5ogEQtdtqmF-CEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b5db6a98-5f82-11ec-a6e9-002590c82437

Request Chain 178

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=bb391dc3-715a-460c-952c-6330e3923d9c HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkdbb4842b-1ba4-4bf9-90be-43556e8191d6&expires=7&user_group=5&ssp=between&bsw_param=bb391dc3-715a-460c-952c-6330e3923d9c HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c

Request Chain 179

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b5db6a98-5f82-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b5db6a98-5f82-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=DUJG5BtPjcC8WZauqOJ%2Bsg& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=DUJG5BtPjcC8WZauqOJ+sg&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=DUJG5BtPjcC8WZauqOJ+sg&extra2=aidata&google_gid=CAESEDdKNp4yOu0ZNp4jlHPBzdo&google_cver=1

Request Chain 182

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 186

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/415095 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/415095

Request Chain 187

https://x.bidswitch.net/sync?dsp_id=429&user_id=9bf69ba4-9990-5360-8033-ca97e18ecf99&expires=60 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=bb391dc3-715a-460c-952c-6330e3923d9c

188 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request waleedrapper Show response
gramhir.com/search/ 15 KB
4 KB 455ms
438ms Document
text/html 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b05b9ba1f6295cc898a0bdaf91f9922c21043a3fd13e10a17a0c031b72e081

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Dec 2021 21:45:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZKM9PwTYmUcqQGPzYk0a4oDF3Ww3nRuRtE3l7uKhExahYfRZ8FOIrL%2BPPnW7Kw8ZxfX%2Bng1GJucKDYuD4%2BE8BQrWqeIKW1UT5AijXy%2FQsy0ELb%2FrLapiQW3KFVYkrxP9ZHi7F%2Fu6n0z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bf357316ddb2c4e-FRA
content-encoding: br

GET
H2 200 style.css
gramhir.com/app/assets/css/ 72 KB
13 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/css/style.css?v=1639777549
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 239fd6b53992199974e023c2c7ae7a4626a48b3304ebeef6c1fe5f9caa588eeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Oct 2021 09:14:21 GMT
server: cloudflare
age: 1
etag: W/"616d3aed-11e1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ablia%2BuAcruKQ9534jg2vbsmpfB7gz3vnUZfY5IiFI%2BjKiRndjTYDWKTVq7lCZbyl1b%2Bf5nJionVqiHTD5MoBg7QB817wT7QlZ2Lfh5mGgmU%2F%2F9vgVWNPmMbKmp70RJmrJ1exVqTyK0q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d87f2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello.css
gramhir.com/app/assets/fonts/fontello/css/ 3 KB
1 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/fontello/css/fontello.css?v=2
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69132eb2f05e13a4c63a410722925db45aee5c05b3cb792fcb602e890ee69860

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 09:47:48 GMT
server: cloudflare
age: 8277058
etag: W/"5cbedf44-b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQyrlplXOMH4QAq9OUQ6F8xq60ykqITfvqlw0jkeJLkhRcm%2FAZ54oC%2BwmYklEp0rwOOR4sCML72nFvg%2FfoLobfZINgmmxZdaOOKV4ToaiQCvrXSdyMpWj8QqMXUaEbGbBEewFMYwxnGH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d8822c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-codes.css
gramhir.com/app/assets/fonts/fontello/css/ 1 KB
661 B 12ms
12ms Stylesheet
text/css 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/fontello/css/fontello-codes.css?v=2
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a880ca860b0dfd58886aeb5566f01ed3e6824f4223c98c6bf839d1196047c42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 09:47:47 GMT
server: cloudflare
age: 9102018
etag: W/"5cbedf43-472"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUfimN2i%2BBqwYlSZ7CTwYsueIJhvG%2Bs1bPv6TqhpGCOaLztdJB29Zj1lpr%2F2MelcpR9Gys%2B%2FMZG80wjGj5Uq9UISXm9Yxk%2BcR4kHECEWnbAGZ%2BPo03KVmevLwIy0JDRnJ6rw4FntUsn%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d8832c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flaticon.css
gramhir.com/app/assets/fonts/flaticon/ 25 KB
5 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/flaticon/flaticon.css
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be8e095e2fd0837f7ceefffaf25b2aa3579180714c27f2d9cacfb0cc9f87872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 09:47:37 GMT
server: cloudflare
age: 9102018
etag: W/"5cbedf39-64e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLiuuEQS0QOCvaZH4JT%2BZ7o%2F92nTWZFi4%2B%2FHeRLq%2BTBREhzpRiPuddob5EdVmmirz8pFYCAT35hggFwxOpN5kWKly9G9QiaFxSQc3CUKuSqmmEAxuLBc7mOWfNeZF%2BOexFdS0A4imJu%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d8852c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flaticon.css
gramhir.com/app/assets/fonts/flat-comments/ 832 B
646 B 16ms
15ms Stylesheet
text/css 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/flat-comments/flaticon.css
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5592fb740954d5a92e2c24d18ddc4af2e53d42da3ad30e2a44c793d49a45f69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 09:47:33 GMT
server: cloudflare
age: 9102018
etag: W/"5cbedf35-340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BEb3%2Fp2V5Sk1LIfcgZIMgbGXn99o6i4wxsrWPenWAp47oUpkrSmdfqLAkLeX4d718fyNjDbu4KPXNkijQ1gYa3beCNNs%2F%2FsooHBbBZHWE6XQe%2FA80gf1TzB5fD7nA35xNTn51esQM3N"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d8872c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 38ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-206621869-1

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

513921e3d35b1482c5af60dd2dd192ec8ae2ac619e4b1cc0a2e6c5b516e16cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36181
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Dec 2021 21:45:50 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 09:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Dec 2022 09:32:01 GMT

GET
H2 200 imagesloaded.pkgd.js Show response
gramhir.com/app/assets/js/ 16 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/imagesloaded.pkgd.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2cd2a4097f44833817993ded2514b688066ac86d87a1e59a6b6f5369c15cfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Jul 2019 08:14:52 GMT
server: cloudflare
age: 3680511
etag: W/"5d20587c-40a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jzKNR4NnoUW4apAjhUFV6cs%2BTF94LKEKhmy5wdsXXWdwY1FoCz6fVVMIGFBL6wu%2BGPFZ3JBnGtUG%2BI68w3lHtMNHlCW3PxHGpK02pcvidNOCHu09QC2yUezqzPYiKxonjOVFOFsfgGE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d88a2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 isotope.pkgd.min.js Show response
gramhir.com/app/assets/js/ 35 KB
10 KB 16ms
15ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/isotope.pkgd.min.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Jul 2019 08:16:10 GMT
server: cloudflare
age: 9102018
etag: W/"5d2058ca-8a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JPSPsu812npG1jEoD3dycEzf5B6%2Bx03i8TQDN0MRs1MEhPvrQ60K6fUn%2BF3M7g30P3KVORqeM%2FnLWZSH421%2FXOpxSTOtRUNYHUFMHbfpsSVofPnh5lS20VR89qIzIHTApcEluIipmd4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d88b2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 infinite-scroll.pkgd.js Show response
gramhir.com/app/assets/js/ 56 KB
14 KB 22ms
21ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/infinite-scroll.pkgd.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d22341f68e20d3487a0f5ddb61f01a9303fd39b6025b0a9a4eb2ed7350bf442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 May 2020 11:31:13 GMT
server: cloudflare
age: 9102018
etag: W/"5eac0881-dee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43cw0qSDY3OUVtgM%2BoQUDTJG3Oxfsj4wxl%2BUPxATZf57GBdip89INpXvItbnQkQPqvrkBpe31EYGwnrm5UaGFz9VAVMKSAZwqd6Tr1DJNnRK1gC99q22USa5WGEihahcCdf5KDkX3cr0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d88d2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adblock.js Show response
gramhir.com/app/assets/libs/ 7 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/libs/adblock.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fc64440f3353cb63c713aa3271fd0850688ef47bb855d8533d103754811c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 09:47:22 GMT
server: cloudflare
age: 9102018
etag: W/"5cbedf2a-1b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyB3eAxBVwQbUYxFmN768RBM3C09zRT6DZgh3XflX3UkVfQeb7MAd85oEIPiUkcxvHXEn5Y1QPjXxEBiK69oKrU11FuwSCUXP8X0MacOD41c2v95E8e%2BebSlom792JNE0P344HJHji%2Fs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d88e2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
gramhir.com/app/assets/js/ 58 KB
10 KB 20ms
19ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/main.js?v=1639777549
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25043f0ac8c28d57cf2ba5f532ed045d8b3b4b1f9a7ac61f269f73f6947e7348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 08:14:02 GMT
server: cloudflare
age: 1
etag: W/"615ffdca-e7ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KR7OVJuhQdOp8zJQGj1gm6xESbMs%2FKJAhFkzh5EOEtZPCNXQcS7btgNgMiIJmRvQXvRkVzy6cfXWyZxz3tSfjDokPUHMrlKaIX4%2FIzhCNGeBWCISTwUz7QzRN7fHiDLRp0Wy3jzH6O4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf35737d88f2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 url=https%3A%7C%7C%7C%7Cscontent-hel3-1.cdninstagram.com%7C%7Cv%7C%7Ct51.2885-19%7C%7Cs150x150%7C%7C12747767_170666396647009_1889375434_a.jpg%3F_nc_ht%3Dscontent-hel3-1.cdninstagram.com%26_nc_cat%3...
gramhir.com/hosted-by-instagram/ 6 KB
7 KB 835ms
833ms Image
image/jpeg 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gramhir.com/hosted-by-instagram/url=https%3A%7C%7C%7C%7Cscontent-hel3-1.cdninstagram.com%7C%7Cv%7C%7Ct51.2885-19%7C%7Cs150x150%7C%7C12747767_170666396647009_1889375434_a.jpg%3F_nc_ht%3Dscontent-hel3-1.cdninstagram.com%26_nc_cat%3D101%26_nc_ohc%3D8l_V7GUs9LYAX9vlB9G%26edm%3DAHG7ALcBAAAA%26ccb%3D7-4%26oh%3D00_AT9oE8icmw9DIbYJwSWTPOBaYUls6yv2xb0oK2Thrl8BCw%26oe%3D61C0CFC2%26_nc_sid%3D5cbaad
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f67375c863a6e285f7d0edde658c0e39c39cf8b6976532923f8e0b41732bff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNNzdomagfoYRZG%2BpPpxZ8S6Z%2F38k%2B%2FmYHdIocB%2BVFsJov9yucGR2Fe9veMogH3VioFXOAUJsxAhD6%2BEy6Y0K9gVkLeBd4Q8d3mvTzqt6WxVpOLkCDkNFo2jruAaGDPP3VXI4BqFRWfx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
content-disposition: attachment; filename="12747767_170666396647009_1889375434_a.jpg";
cf-ray: 6bf3573808ff2c4e-FRA
content-length: 6402

GET
H2 200 url=https%3A%7C%7C%7C%7Cscontent-hel3-1.cdninstagram.com%7C%7Cv%7C%7Ct51.2885-19%7C%7Cs150x150%7C%7C217683356_553615925687977_8647169865555148177_n.jpg%3F_nc_ht%3Dscontent-hel3-1.cdninstagram.com%2...
gramhir.com/hosted-by-instagram/ 6 KB
6 KB 858ms
856ms Image
image/jpeg 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gramhir.com/hosted-by-instagram/url=https%3A%7C%7C%7C%7Cscontent-hel3-1.cdninstagram.com%7C%7Cv%7C%7Ct51.2885-19%7C%7Cs150x150%7C%7C217683356_553615925687977_8647169865555148177_n.jpg%3F_nc_ht%3Dscontent-hel3-1.cdninstagram.com%26_nc_cat%3D101%26_nc_ohc%3DFIHOS5F4u90AX-TA04M%26edm%3DAHG7ALcBAAAA%26ccb%3D7-4%26oh%3D00_AT-dTDpw-IztUJVEyI4WcePV9IikevPdCDuuPb6Y28MKsQ%26oe%3D61C017DE%26_nc_sid%3D5cbaad
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4479a3c8e531c5ba203d2cb09ed33576bf0c9538060449362c1b5fae10093c4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKxr9zo0s3xvkk0V1cg1iXNo%2FdvhFi73hf1DQkTqPoUCO%2BKJU7KaS8VoodPtfAeu%2BBRwUY8LKDpLD%2BbxyfS48lwJ5EIS5BQSO8eeaZarqDxACo0AeXW8SZdNRqpfg7A9B6ySnv0vkhfz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
content-disposition: attachment; filename="217683356_553615925687977_8647169865555148177_n.jpg";
cf-ray: 6bf3573809012c4e-FRA
content-length: 6139

GET
H2 200 url=https%3A%7C%7C%7C%7Cinstagram.fpkr1-1.fna.fbcdn.net%7C%7Cv%7C%7Ct51.2885-19%7C%7C44884218_345707102882519_2446069589734326272_n.jpg%3F_nc_ht%3Dinstagram.fpkr1-1.fna.fbcdn.net%26_nc_cat%3D1%26_n...
gramhir.com/hosted-by-instagram/ 28 KB
28 KB 1953ms
1951ms Image
image/jpeg 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gramhir.com/hosted-by-instagram/url=https%3A%7C%7C%7C%7Cinstagram.fpkr1-1.fna.fbcdn.net%7C%7Cv%7C%7Ct51.2885-19%7C%7C44884218_345707102882519_2446069589734326272_n.jpg%3F_nc_ht%3Dinstagram.fpkr1-1.fna.fbcdn.net%26_nc_cat%3D1%26_nc_ohc%3DA_2Y2UjbX0wAX8gk176%26edm%3DABmJApABAAAA%26ccb%3D7-4%26oh%3D00_AT8pUoQEy6FlD22htHxSNmkdf50ODYdHNlgpEue_6l3HHQ%26oe%3D61C1E14F%26_nc_sid%3D6136e7%26ig_cache_key%3DYW5vbnltb3VzX3Byb2ZpbGVfcGlj.2-ccb7-4
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVR10xcNqg6h2oJs5iWKUclLF64RFNAqqdnOdLtRrXDPjVMEMnVuT%2FFxfjOmqG03sogKfst91%2BnUnFHWyi7AecQdzk4qaSxz17XwGaiSLiebrzWRvTCvWn4RyLms%2FMCF5qeg7pJ50MCb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
content-disposition: attachment; filename="44884218_345707102882519_2446069589734326272_n.jpg";
cf-ray: 6bf3573809042c4e-FRA

GET
H2 200 url=https%3A%7C%7C%7C%7Cscontent-hel3-1.cdninstagram.com%7C%7Cv%7C%7Ct51.2885-19%7C%7Cs150x150%7C%7C11410729_147550948926263_1302626160_a.jpg%3F_nc_ht%3Dscontent-hel3-1.cdninstagram.com%26_nc_cat%3...
gramhir.com/hosted-by-instagram/ 4 KB
4 KB 794ms
792ms Image
image/jpeg 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gramhir.com/hosted-by-instagram/url=https%3A%7C%7C%7C%7Cscontent-hel3-1.cdninstagram.com%7C%7Cv%7C%7Ct51.2885-19%7C%7Cs150x150%7C%7C11410729_147550948926263_1302626160_a.jpg%3F_nc_ht%3Dscontent-hel3-1.cdninstagram.com%26_nc_cat%3D111%26_nc_ohc%3Dq8is8eC0E68AX_Rlzs4%26edm%3DAHG7ALcBAAAA%26ccb%3D7-4%26oh%3D00_AT-LIohVmteUT2poixGtxzdPBFRCF4cxOLKJ515oFA8Ewg%26oe%3D61C190A0%26_nc_sid%3D5cbaad
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81f6b545c07296b3441ad22cf90d5211e1df73068b84bdda5d5bdff722e647a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uIYbDmWdTVASdLFDsoAClwTIlP%2Fh3OOzfjaCVpYZhCXXwo8fDqO7yPt0XgPqNbkVhgvkPbm%2BaETK0QLkIoVmF1eTulzynr3RSc6ZXBPMPTs9Rpr3j35zI9Zby5ZuxsVC9uw5DdMHMh8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
content-disposition: attachment; filename="11410729_147550948926263_1302626160_a.jpg";
cf-ray: 6bf3573809052c4e-FRA
content-length: 4207

GET
H2 200 adx.js Show response
gramhir.com/app/assets/js/ 156 B
418 B 18ms
15ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/adx.js?v=2
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe93ef7c7244ed265ba2cfef454eaa57707f2e7649525598608b307a2a22aa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Dec 2019 09:10:40 GMT
server: cloudflare
age: 9102018
etag: W/"5df35590-9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PUh4NX0WDxjK4ulofwS6kRxSLAdQPv9oMa%2FPeaeqkcKM2E9XnjltpgZ0leLfe5mCmAvASndWAw5EjNrysRn788ipds67b%2Fpkawu4hjwTDl7fxikN%2BOqBcw8Q6fve7O4LWlDkNrJMSFr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf3573808f82c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 58ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 17 Dec 2021 21:45:50 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 firebase.js Show response
gramhir.com/app/assets/js/web-push/ 298 KB
97 KB 36ms
33ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/web-push/firebase.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea22d911e92222dbfede091756ddef209ca86a941285df534ee94e93fd31e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 09:04:13 GMT
server: cloudflare
age: 8582822
etag: W/"5fc7588d-4a75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7KmcgaiKBq1D8UYRS86To41QDRajyjuW3dYYlglSPQHZkV%2F2EmMEHqMSBrIblXE0uAZiBKWa3eK2dJxZsJSRBqBI37sgwcjMi4Iu%2B5oICAyfLuxg4B3rI0SnS1xjzPHB38zkcnAtLRj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf3573808f92c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
gramhir.com/app/assets/js/web-push/ 4 KB
2 KB 21ms
19ms Script
application/javascript 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/js/web-push/app.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 321c357d2ef884ed986f10b63d476fd7b592d08852a193e4bf903b834487d1c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 13:32:25 GMT
server: cloudflare
age: 8277058
etag: W/"613a0ce9-1156"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj3eEKM3A9vdYITgKGC%2FbwmEUyO6mp%2BAjCAaqlMTTwOriI36grC0oVlLmSXfJ4xnHzb1pBFUlx81v66zBnLQP37JDf6OwTDna%2F9YmcIa3ZF%2Bb%2F%2F3eiYyRQhpfJs2Lb%2B1TZrn%2BTAWwwFd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf3573808fe2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
gramhir.com/app/assets/css/ 4 KB
924 B 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/css/print.css?v=126
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1eafa4c68c55a2eec47d87337f1a29e94c47729a0fd3a4502f8cb471df42cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/search/waleedrapper
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2019 12:13:01 GMT
server: cloudflare
age: 9102018
etag: W/"5cc052cd-10a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGInjxXUNqex8T8lmCPcQElOm2HrP67Aoyvn%2BNXshq05yy9LCc1YDGynazDGwzWJvD7zosJpdUmgDeG%2FdWBO2AdCJTx2fZ4ig5Xm6OMMzEDjM3FR4a1ajMLa1FpAtU9jMj27DTE6tu9q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bf3573809062c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Roboto-Bold.woff2
gramhir.com/app/assets/fonts/Roboto/ 63 KB
64 KB 14ms
13ms Font
application/octet-stream 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/Roboto/Roboto-Bold.woff2
Requested by: Host: gramhir.com
URL: https://gramhir.com/app/assets/css/style.css?v=1639777549
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed

Request headers

Referer: https://gramhir.com/app/assets/css/style.css?v=1639777549
Origin: https://gramhir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2019 14:36:01 GMT
server: cloudflare
age: 326
etag: "fd24-58bd661a4b640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri74U1Es4%2BJb8UW7HfkJ%2FIX1ZJv3cXpu12jld14uxmzXTbzHJGWlIK8KHgDRSUnCLrOjO5gvivzFAUZI45NKfu3OqEdDT7xw7V1fxIlHk%2B%2BLr0OvQcpxle%2Fwt2hxji%2Bqgl0nbNo81J%2FK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bf3573819292c4e-FRA
content-length: 64804

GET
H2 200 Roboto-Regular.woff2
gramhir.com/app/assets/fonts/Roboto/ 63 KB
64 KB 26ms
26ms Font
application/octet-stream 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/Roboto/Roboto-Regular.woff2
Requested by: Host: gramhir.com
URL: https://gramhir.com/app/assets/css/style.css?v=1639777549
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659

Request headers

Referer: https://gramhir.com/app/assets/css/style.css?v=1639777549
Origin: https://gramhir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2019 14:36:05 GMT
server: cloudflare
age: 329
etag: "fcf0-58bd661e1bf40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3rXiv8UdPSi%2BF%2F8AwtKIFK2vJpGdMS5NYuh01mCyKZ3TtI5%2BTwcVBftdYIsMFIiCdsVMStUcmaqpFTTdK2UX%2BsJkPJfd%2F074WzlroPFzHPaofZTejvkD61NNhw%2FcJLXHuO7B%2BPFJl%2FL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bf35738192e2c4e-FRA
content-length: 64752

GET
H2 200 Flaticon.woff2
gramhir.com/app/assets/fonts/flat-comments/ 680 B
1000 B 34ms
34ms Font
application/octet-stream 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/flat-comments/Flaticon.woff2
Requested by: Host: gramhir.com
URL: https://gramhir.com/app/assets/fonts/flat-comments/flaticon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d454836811751ba1e4aab9a00ef8a5655eb2d7989ab14ca4ba199704ae11e25

Request headers

Referer: https://gramhir.com/app/assets/fonts/flat-comments/flaticon.css
Origin: https://gramhir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 09:47:34 GMT
server: cloudflare
age: 329
etag: "2a8-5872f796db980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sx%2FE9CADH71O4S8K6Gwi3lzroTIfZQKoN6gB2p5qQNA5EnBa%2F9Pnm8lld5iryO94jI15pAEpBLIBHqANeCjxUdDWr276D82%2Fvp7rIBKDp6QehcbzKV%2FgZItKwDFd%2Ff4wNgpUAtX5wJj3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bf3573829462c4e-FRA
content-length: 680

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
14 KB 75ms
49ms XHR
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gramhir.com_1200x300_responsive_1_DFP&sz=970x250%7C728x90%7C300x250&t=Placement_type%3Dserving&1639777549511

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f41e7913223581ed5ae91c9d43c6c9acba78bee7879f64515d585f32424c5e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13259
x-xss-protection: 0
google-lineitem-id: 5858763092
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375504145
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Flaticon.woff
gramhir.com/app/assets/fonts/flaticon/ 24 KB
24 KB 14ms
14ms Font
font/woff 2606:4700:20::ac43:46b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gramhir.com/app/assets/fonts/flaticon/Flaticon.woff
Requested by: Host: gramhir.com
URL: https://gramhir.com/app/assets/fonts/flaticon/flaticon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:46b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b43c2c0ec666e5e81b56e2ac9e26a39b81717530a813f7b25e2a23e6617d10

Request headers

Referer: https://gramhir.com/app/assets/fonts/flaticon/flaticon.css
Origin: https://gramhir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9102018
content-length: 24508
last-modified: Tue, 23 Apr 2019 09:47:38 GMT
server: cloudflare
etag: "5cbedf3a-5fbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWDGmdSVdj1KPAgqVIPt63zWRke2EBr0A5E%2FwbGOzBRrmseZBPGmsVtkmUg%2F3PLUwkYGVnDdt6CIodOJ%2BUwBomd7oVdo4ZaGhh4aeplXNsJtHSGhYN9ePo1WRIlFFsfdErm1EXFZpgj9"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6bf3573869bc2c4e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206621869-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2684
date: Fri, 17 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 17 Dec 2021 23:01:06 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 30ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=35178
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
13 KB 53ms
53ms XHR
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gramhir.com_970x90_sticky_anchor_responsive_3_DFP&sz=970x90%7C320x100&t=Placement_type%3Dserving&1639777549604

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

dfd1b4c75d3f6e21151d1b6b90e5a134e249edaf6587d1b15a03118109a0b516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13207
x-xss-protection: 0
google-lineitem-id: 5856865671
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375060291
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5cad1cdf2197eb6d/ 2 KB
738 B 138ms
138ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5cad1cdf2197eb6d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 060a9d52fbe3f47cfe149e43092a02529b993610f5cc55a2c216254f748436c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
etag: -883847325--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=6, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 562

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 167ms
151ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61bd050d4513cda6&bkl=0&bl=1&pdt=1053&sid=61bd050d4513cda6&pub=ra-5cad1cdf2197eb6d&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=gramhir.com&fp=search%2Fwaleedrapper&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1639777549633&jsl=1&uvs=61bd050df28ea771000&skipb=1&callback=addthis.cbs.jsonp__94199989205093760
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d64e186a7bed2335504df681caafd2464b412fdedad38bb645fc6926508e6665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2484 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame B7E5 71 KB
26 KB 27ms
27ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 17 Dec 2021 21:45:50 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 2CF8 464 KB
143 KB 58ms
30ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b81b750507ab94aef64cd486674a0ee0e9badcaeda0cb008fe2b3f893a8fdbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: qkUsMciYp0VnmGYqCKX83g==
age: 6749
x-ms-lease-status: unlocked
last-modified: Fri, 17 Dec 2021 13:52:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekJYBaB9QYoOcqHyVv7M4Wf1dlC%2BWs%2FfTV4bppQ2dGs%2FV1WKHb1nlvnecQZdcPNOue%2BEFkoCP9hpH5wcE6v262aGOasqqFskXQx4A9pLVgOzSdtLBecTEjhsIiD5F56HfFiMS0GU4Uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: afd25b1e-f01e-0008-294d-f3e598000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6bf357393f0ddfe3-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=505898078&t=pageview&_s=1&dl=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&ul=en-us&de=UTF-8&dt=waleedrapper%20Instagram%20search%20results%20-%20Gramhir.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1120314000&gjid=1540778510&cid=783857688.1639777550&tid=UA-206621869-1&_gid=510250690.1639777550&_r=1&gtm=2ouc10&z=640927335

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 9469 464 KB
143 KB 29ms
28ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b81b750507ab94aef64cd486674a0ee0e9badcaeda0cb008fe2b3f893a8fdbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: qkUsMciYp0VnmGYqCKX83g==
age: 6749
x-ms-lease-status: unlocked
last-modified: Fri, 17 Dec 2021 13:52:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWTOnVdxfdhKDuaEiJpgzZGk16%2FTxPJARJoQ88Qx%2FviLt2CpVxZyzl0U2xYRY2GvEsiNNaXZFHx04Rs4o%2FM%2F7OfGbL%2FZNszVHZ4Wcdjy%2BS2qfPhwVefH1I0lAMi%2B%2FMVAYx5bviOeYsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: afd25b1e-f01e-0008-294d-f3e598000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6bf357395f39dfe3-FRA

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 39ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgramhir.com%2F&domain=gramhir.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://gramhir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://gramhir.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1406
date: Fri, 17 Dec 2021 21:45:49 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 2CF8 483 B
555 B 59ms
32ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
content-type: application/javascript
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvLocmyk0saoTr1nbWJxViArnxFGF5YZldCKb%2FnB0ZSGihSqIHnKn6NN%2FijLOyNhTu%2BrJapJYdkgkl07vSuNinCZO%2BpOmJr6VsX1nFFz1ZaChZL2gOT4XgRuyxguN5AeL8ZSBJPH4vlyUM83"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1638788436623244
cache-control: public, max-age=1800
cf-ray: 6bf3573a0bd31f45-FRA
expires: Fri, 17 Dec 2021 22:15:50 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2CF8
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgramhir.com%2F&domain=gramhir.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=sTpPjHxlVjdhVVlTeEpyMVFEVklsQWpMSnlLUzdlRnBiZ0h0NFVJVWdyWm9DL1ZRQ0JxSkNGS0I4d1FjVUQ2ZEtRYlJZSlFOMlVRUzNBTGh0QUlGbFlKM1QxbnhkL3ZFZWdQZVFxK3NnTmhNbDl2SDJSRHdSaTg0YWdvNH...

339 B
606 B

43ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sTpPjHxlVjdhVVlTeEpyMVFEVklsQWpMSnlLUzdlRnBiZ0h0NFVJVWdyWm9DL1ZRQ0JxSkNGS0I4d1FjVUQ2ZEtRYlJZSlFOMlVRUzNBTGh0QUlGbFlKM1QxbnhkL3ZFZWdQZVFxK3NnTmhNbDl2SDJSRHdSaTg0YWdvNHNEZk4wNUhvVDMwanc0eHVGcGdVZjUvUkw2VEJKandMcUZwSXRxaW1JcE93SWNGVDVzbnUvUEFXMTFzZG9OajJlWFB1Y1Y0aUZwZ3o0RjdlUjJRZVlQZHM4TUZkZzE0MlNNV0xZU3RZZXpESHhEVE84cWRVPXw&cppv=2

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b6c5a8b45422bfaddda28442f8feedacd45d6c3707272a9246add185ad07213e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2097
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:49 GMT
location: https://mug.criteo.com/sid?cpp=sTpPjHxlVjdhVVlTeEpyMVFEVklsQWpMSnlLUzdlRnBiZ0h0NFVJVWdyWm9DL1ZRQ0JxSkNGS0I4d1FjVUQ2ZEtRYlJZSlFOMlVRUzNBTGh0QUlGbFlKM1QxbnhkL3ZFZWdQZVFxK3NnTmhNbDl2SDJSRHdSaTg0YWdvNHNEZk4wNUhvVDMwanc0eHVGcGdVZjUvUkw2VEJKandMcUZwSXRxaW1JcE93SWNGVDVzbnUvUEFXMTFzZG9OajJlWFB1Y1Y0aUZwZ3o0RjdlUjJRZVlQZHM4TUZkZzE0MlNNV0xZU3RZZXpESHhEVE84cWRVPXw&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2025
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 2CF8 213 B
529 B 100ms
25ms XHR
application/json 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , France, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

ebc36d5676987302c33127c7e5196d5f4f5ee5bdd69f952b96d0d2752514fbef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://gramhir.com
Date: Fri, 17 Dec 2021 21:45:39 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2CF8 78 KB
27 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1074 / 631 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Dec 2021 21:45:50 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 26E2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

40ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Dec 2021 21:45:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Fri, 17 Dec 2021 21:45:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 15ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgramhir.com%2F&domain=gramhir.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://gramhir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://gramhir.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1728
date: Fri, 17 Dec 2021 21:45:49 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 9469 483 B
969 B 15ms
15ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
content-type: application/javascript
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FurIgRO3CVzEv%2FknuJtlco2mddWp%2B5ZSwFBUU7OFxgkFbjKHLxWr6qauRef0IVRPxoY6GxUyYv5%2FmQrobYVhfBo%2FXUvZeObBxpL1rAoRZUbiT1ZSCDelHlcvuOnXiTlP%2FdQ7ryBsjCi%2B70U"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1638788436623244
cache-control: public, max-age=1800
cf-ray: 6bf3573a2c071f45-FRA
expires: Fri, 17 Dec 2021 22:15:50 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9469
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgramhir.com%2F&domain=gramhir.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=OCBeX3xZeUhJQUJZQUVBMlNKUUU4Z1V6Y0lZaVVabVZaVElDeDBZdCs1T0lJbVBRM1lGak5UWnFaQWVxTzY4NkdYb01rTTN5bkJ3YVo5Q1NlcnBsTC9RdUsrOEVoN3NaV1NvdlhRUnVYVHZRU1JPaWFmOHNiRmpDWkFFVV...

352 B
615 B

43ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OCBeX3xZeUhJQUJZQUVBMlNKUUU4Z1V6Y0lZaVVabVZaVElDeDBZdCs1T0lJbVBRM1lGak5UWnFaQWVxTzY4NkdYb01rTTN5bkJ3YVo5Q1NlcnBsTC9RdUsrOEVoN3NaV1NvdlhRUnVYVHZRU1JPaWFmOHNiRmpDWkFFVVB4NGpmNGk2S01HMGNmNEJOL0I1NTBnb1FaTTVRdm9oR1JzMThSOHFGK1hDUWM2NWRUYWdoZit6ejNPeFVOWFN6SzNDMjg0MXZiSm9ubjJFdUFPVEllSFRGd3V4SVM5SFFBbmpEa3lhaG93VFZKNFdWMFNJPXw&cppv=2

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

68660829c68d05798c956885de4aa5ad8cfbb5033a210db9f040ad53ab9a22f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2136
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
location: https://mug.criteo.com/sid?cpp=OCBeX3xZeUhJQUJZQUVBMlNKUUU4Z1V6Y0lZaVVabVZaVElDeDBZdCs1T0lJbVBRM1lGak5UWnFaQWVxTzY4NkdYb01rTTN5bkJ3YVo5Q1NlcnBsTC9RdUsrOEVoN3NaV1NvdlhRUnVYVHZRU1JPaWFmOHNiRmpDWkFFVVB4NGpmNGk2S01HMGNmNEJOL0I1NTBnb1FaTTVRdm9oR1JzMThSOHFGK1hDUWM2NWRUYWdoZit6ejNPeFVOWFN6SzNDMjg0MXZiSm9ubjJFdUFPVEllSFRGd3V4SVM5SFFBbmpEa3lhaG93VFZKNFdWMFNJPXw&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1588
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 9469 213 B
529 B 86ms
23ms XHR
application/json 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , France, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

c74b6a7ddaa46adf2d3cef213caac468c8c448fa5161a8466ecaaa44d61272f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://gramhir.com
Date: Fri, 17 Dec 2021 21:45:39 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9469 78 KB
26 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1074 / 995 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Dec 2021 21:45:50 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F7DA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

25ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Dec 2021 21:45:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Fri, 17 Dec 2021 21:45:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 26ms
21ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 17 Dec 2021 21:45:50 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 2CF8 758 B
901 B 54ms
21ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d53647f039159281615350ac2327ceedd338d3ce02eabb8201959fe577e26037

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKxNwcwDKzFQvbEgrXh1cBEzXQChhrtf8wO4SjQb0PmSc3M2Gmt11CNGNwttuSdVhQhO3RPQX3bvDS2CRSoh74bmdbHkr6nWB5OXxoOCrldTC1p84jtp5l5akvuhdOz9Nnmr8Y%2F4exEWu4lVAjL2my%2Bti32E"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bf3573a8ed82bc6-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 2CF8 145 B
431 B 124ms
91ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499302acd5a80c005dd28102f29db54436f9fca5936bcd093220191216bfe985

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wI%2FYWPXVfLz2lvfq09N5%2BGR20JWu82CmLW4362Y7uNHp%2BIluPeGM1mIRjIMzt%2BnMSLU2NC3wv%2FNtqysTYLGfXtFgO%2F5XU2TD20GejMCqyVT4LpcaAU4aArcaYBWdIZ%2BLv2gpwOIB%2BvbYR%2FFNQWFPCl6IOGgx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bf3573a8eda2bc6-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 2CF8 0
375 B 389ms
201ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:50 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 112
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 2CF8 0
113 B 120ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 2CF8 17 KB
9 KB 239ms
157ms XHR
application/json 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEyNTI1MTkmdHJhbnNhY3Rpb25JZD05N2RhYjIyZi03ZjYxLTQ2ZjUtYmUzZS1jODg5ODNkOWZhMTc%3D&pt=gross&stid=4893cb8d-5805-413d-be5c-1e0946fb66b1&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImFkZTUwYjUxLWQ2N2YtNDIyYS1hYWQxLWJkNDhmZTgyN2EzZCI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fcb2eb37a2240657d1f93d3f0c1223be7c8d3269a7474fa43996447c88a3ec0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://gramhir.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 2CF8
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=1200x300%252C1200x200%252C1100x200%252C970x250%252C980x200%252C980x180%252C980x150%252C930x150%252C970x90%252C980x120%252C970x240%252C980x240%252C980x90%...
https://ads.betweendigital.com/adjson?sizes=1200x300%252C1200x200%252C1100x200%252C970x250%252C980x200%252C980x180%252C980x150%252C930x150%252C970x90%252C980x120%252C970x240%252C980x240%252C980x90%...

2 B
214 B

201ms
200ms

XHR
application/json

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=1200x300%252C1200x200%252C1100x200%252C970x250%252C980x200%252C980x180%252C980x150%252C930x150%252C970x90%252C980x120%252C970x240%252C980x240%252C980x90%252C930x180%252C950x90%252C1100x300%252C1000x300%252C980x300%252C970x300%252C1000x90%252C1000x100%252C1000x120%252C1000x150%252C1000x200%252C1100x210%252C1100x250&jst=hb&ord=3758245874946049&tz=0&fl=0&rr=direct&s=4463960&bidid=143ed783a09bdee&transactionid=97dab22f-7f61-46f5-be3e-c88983d9fa17&auctionid=4893cb8d-5805-413d-be5c-1e0946fb66b1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&crf=1
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

Redirect headers

location: /adjson?sizes=1200x300%252C1200x200%252C1100x200%252C970x250%252C980x200%252C980x180%252C980x150%252C930x150%252C970x90%252C980x120%252C970x240%252C980x240%252C980x90%252C930x180%252C950x90%252C1100x300%252C1000x300%252C980x300%252C970x300%252C1000x90%252C1000x100%252C1000x120%252C1000x150%252C1000x200%252C1100x210%252C1100x250&jst=hb&ord=3758245874946049&tz=0&fl=0&rr=direct&s=4463960&bidid=143ed783a09bdee&transactionid=97dab22f-7f61-46f5-be3e-c88983d9fa17&auctionid=4893cb8d-5805-413d-be5c-1e0946fb66b1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://gramhir.com
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2CF8 139 B
814 B 299ms
270ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d9fcc045f43efd550956fa78c5dc68a63fc5e04fbaa5edab5905c5c34b9890f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:50 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f98e2a92-9c03-48e8-880e-a0660425fd8e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gramhir.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2CF8 0
173 B 50ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 2CF8 99 B
290 B 76ms
45ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 413bce37a2afdeee4cc57e811c677459f10e3472c9027614c01f22ca8726416e

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6bf3573aa9645b44-FRA
pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Validating the Prebid Request adunit sizes. 24 unsupported banner sizes for adUnit: div-custom-ad-1639777549639-0, Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2CF8 0
184 B 60ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=57170183999
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:49 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 9469 71 KB
22 KB 57ms
41ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 287981
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txf4904e4f86fb4c94ae655-0061b8401f
x-amz-id-2: txf4904e4f86fb4c94ae655-0061b8401f
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVfj4NsPsoi2zUdSyDmyH0wG8hExt8%2FdSB9vW7aoml1YNlBFqqOlstfDmscsTgKlwbhHnIwSKVmpCC3S4lofR%2BCiFN069awGdx9RnI5zBi5D%2B8yWUzlA8rjiOyatHWR5%2BjDB3a%2BL8YODWMUw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6bf3573aac332bf6-FRA
access-control-allow-headers: Authorization

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 54ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 843
date: Fri, 17 Dec 2021 21:45:49 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 55ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1152
date: Fri, 17 Dec 2021 21:45:50 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 9469 758 B
605 B 22ms
21ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d53647f039159281615350ac2327ceedd338d3ce02eabb8201959fe577e26037

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JM6Gzkv%2F1GGXYAA7aYg3XFrOV7lz6wPlcdpWRZHsBeYw%2FVB2MKlofU5o%2Bpjt%2BtfHxF%2BfnlYeaN9m1KXi%2Bc8mkPRbcERr%2BMnhjfkKIdDrC8Uv0yUiPs1HEoqt4KHyOY2ULabfOLLpqzdJzv%2FjluMGBcIdQwPh"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bf3573aaf192bc6-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 9469 145 B
410 B 116ms
116ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9036f94411f6c5eb8375cb731ff8040782f1471458d9a3ecaf8d1df7394e23bf

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCu9VEprU6A77%2F2JRdJU0VBf%2BsuYvBZ%2BLCOasZUMKrnQTH2FchG3IVfJBfDRIpHa3metW%2FFoZQjzkGuiPu1Fq5qDvITKYeYG6lginJdekkmS7XoEIKphryslr3JmrcKprDcwmRwyKsuQrAf3bhJrcIhwVmGw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bf3573abf212bc6-FRA
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9469 0
57 B 78ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9469 0
173 B 16ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9469 139 B
814 B 30ms
9ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ee1c9d86286d4272cbd75b5a9dfc97bcf50d7abf1a976b3341b89c008228a18a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:50 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 449c78ca-148a-422a-8663-3adcd81c83af
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gramhir.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 9469 0
235 B 446ms
321ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:50 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 228
vary: origin, Accept-Encoding

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 9469 5 B
482 B 134ms
108ms XHR
application/json 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEyNTI1NjImdHJhbnNhY3Rpb25JZD0xMjg1MTdmNy00NmFiLTRhMjItOWE2OC00Njg5MWQ0NjgwMjg%3D&pt=gross&stid=c93f503d-af2f-4046-ad2a-0a3c9dc83928&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImFkZTUwYjUxLWQ2N2YtNDIyYS1hYWQxLWJkNDhmZTgyN2EzZCI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://gramhir.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 9469 99 B
506 B 27ms
27ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f615c202511439b3122abe5f8cd06947493e6a4ca03b6f4ac1fd46814e30ba

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6bf3573ab9895b44-FRA
pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gramhir.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 9469
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=4937521622431946&tz=0&fl=0&rr=direct&s=4463966&bidid=202bfd0615842dc&transactionid=128517f7...
https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=4937521622431946&tz=0&fl=0&rr=direct&s=4463966&bidid=202bfd0615842dc&transactionid=128517f7...

2 B
214 B

204ms
204ms

XHR
application/json

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=4937521622431946&tz=0&fl=0&rr=direct&s=4463966&bidid=202bfd0615842dc&transactionid=128517f7-46ab-4a22-9a68-46891d468028&auctionid=c93f503d-af2f-4046-ad2a-0a3c9dc83928&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&crf=1
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://gramhir.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

Redirect headers

location: /adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=4937521622431946&tz=0&fl=0&rr=direct&s=4463966&bidid=202bfd0615842dc&transactionid=128517f7-46ab-4a22-9a68-46891d468028&auctionid=c93f503d-af2f-4046-ad2a-0a3c9dc83928&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMzAxIiwiaHAiOjF9XX0&ref=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://gramhir.com
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9469 0
184 B 16ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=63610349693
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gramhir.com
date: Fri, 17 Dec 2021 21:45:50 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 2CF8 71 KB
23 KB 15ms
15ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 287981
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txf4904e4f86fb4c94ae655-0061b8401f
x-amz-id-2: txf4904e4f86fb4c94ae655-0061b8401f
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf9tLWLzGfO2mPHOuY5wUDf%2BUKra7ExPCFVmcy6nGASer2a8Ej%2BtGhwHFLaqhIUPlkd2Bj0IktWeCmmCmcRDr97PLg5LcMguSMaCAYpwF%2BOAbMyiPEVDpk2kxvChrgnLBtzkaEQO88pBuNnu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6bf3573acc672bf6-FRA
access-control-allow-headers: Authorization

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6FBF 14 KB
5 KB 35ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89445
expires: Sat, 18 Dec 2021 22:36:35 GMT
date: Fri, 17 Dec 2021 21:45:50 GMT
vary: Accept-Encoding

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2CF8 348 KB
117 KB 62ms
24ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Dec 2021 21:45:50 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9469 348 KB
117 KB 68ms
41ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Dec 2021 21:45:50 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 26E2 32 KB
10 KB 10ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45fbdad0412ebdbc836f5eeed2ed8adf4e26aa2b612518fbf9cf29c5b83cfc19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:45:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73918
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9701
Expires: Sat, 18 Dec 2021 18:17:48 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F7DA 32 KB
10 KB 10ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45fbdad0412ebdbc836f5eeed2ed8adf4e26aa2b612518fbf9cf29c5b83cfc19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:45:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73918
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9701
Expires: Sat, 18 Dec 2021 18:17:48 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D683 14 KB
5 KB 13ms
13ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89445
expires: Sat, 18 Dec 2021 22:36:35 GMT
date: Fri, 17 Dec 2021 21:45:50 GMT
vary: Accept-Encoding

GET
H2 200 195.461912c47007775093ae.js Show response
s7.addthis.com/static/ 384 B
538 B 11ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/195.461912c47007775093ae.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 17 Dec 2021 21:45:50 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 298

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 26E2 284 B
536 B 37ms
7ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F7DA 284 B
536 B 35ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6FBF 0
42 B 53ms
13ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52931813&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:50 GMT
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 26E2 0
239 B 58ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 9469
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8973840179362310736

36 B
36 B

16ms
15ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8973840179362310736
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnXydoDKlVsj8W7S6w22T56nzdfwg1LF%2BmxSywZAyhahs%2FN6yiMZBru2Gr5qo5bYZ4aoet9aJqP5yORhw16hmX8yO9E1ooadjLZ8Mmpr4OC1VuJarqBm1ia%2BZhFGoTrq1AxMl6KjhnpL8CtkrZraW%2FEbQyBc"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6bf3574078622bc6-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:51 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ed4bae90-a7b8-43e7-87be-38686417dcb3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8973840179362310736
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 2CF8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=3762983755526643529

36 B
36 B

20ms
20ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=3762983755526643529
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYwqSIcvy3YqkpPvTv8UxdLnedpAxgRHluMB0CYtCtPw%2Fltnac%2BwyWEGcc5PfTZ%2FFM%2FGNuKMbEVP8GAMtPjos8ux5FxneG8svUcvM%2BdP7imnqgpsLUcMZaDkcKfGndNpTmW84ddG5uvJeflywxI6VULY%2B2UC"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6bf3573d6b432bc6-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:50 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 32a6ae74-0751-4419-b64e-f420c3b701d8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=3762983755526643529
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 2CF8 43 B
106 B 61ms
17ms Image
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2CF8 107 B
792 B 73ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gramhir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2CF8 107 B
549 B 44ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gramhir.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2CF8 18 KB
8 KB 144ms
129ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=640146606415056&correlator=3236978910499190&output=ldjh&impl=fifs&eid=31060837%2C31063898%2C31062930&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211217&iu_parts=147246189%2Cgramhir.com_1200x300_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1200x300%7C1200x200%7C1100x200%7C970x250%7C980x200%7C980x180%7C980x150%7C930x150%7C970x90%7C980x120%7C970x240%7C980x240%7C980x90%7C930x180%7C950x90%7C1100x300%7C1000x300%7C980x300%7C970x300%7C1000x90%7C1000x100%7C1000x120%7C1000x150%7C1000x200%7C1100x210%7C1100x250&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D980x300%26hb_pb%3D0.18%26hb_adid%3D241028e29c3279e%26hb_bidder%3Dadform&eri=1&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=gramhir.com&bc=31&abxe=1&lmt=1639777550&dt=1639777550462&dlt=1639777549610&idt=603&frm=23&biw=1600&bih=1200&isw=1200&ish=150&oid=2&adxs=208&adys=170&adks=2203426620&ucis=aar1a76n7u18&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&top=https%3A%2F%2Fgramhir.com%2Fsearch%2Fwaleedrapper&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x150&msz=1200x0&ga_vid=783857688.1639777550&ga_sid=1639777550&ga_hid=1245151911&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

82c6cfdc7f7b4e2e904632e678a076294d71741b41f06b069b1b07568b02e355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8567
x-xss-protection: 0
google-lineitem-id: 323972549
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303033641
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gramhir.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2CF8 11 KB
9 KB 55ms
27ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

017ea9a66b3bb13453d38b8f0027fb112b8fd09b2ef19152b41c5e7a5ec63e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8545
x-xss-protection: 0

GET
H2 200 container.html Show response
ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B2FE 6 KB
4 KB 68ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 17 Dec 2021 21:45:51 GMT
expires: Sat, 17 Dec 2022 21:45:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 9469 0
208 B 35ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 9469 0
209 B 34ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CF8 17 KB
7 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:45:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9255 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 17 Dec 2021 14:11:52 GMT
expires: Sat, 17 Dec 2022 14:11:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14AE 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36d10a43fad248c5126a4b5589b9e697aee9265ce3a0ea229126b824a8467fb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fM9fwB5yD3lHNN+intDStQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 17 Dec 2021 21:45:51 GMT
date: Fri, 17 Dec 2021 21:45:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fM9fwB5yD3lHNN+intDStQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19AC 0
0 41ms
41ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8qkIYKHZ0xiFazfvyI7SJS8HiOh3pIbSc79eh6NKD9bcq7FxdY0GUJ8IcvSZLB92p_Rmr6k9lGNX8jH1aCdddCcKdjlCT7frUetWG7VAeeFKBtKsDvwT5-lzSsu1qWWqIYlVXmasJQl0CfRxgNfyDFr4BJir_dKeh0hrZ20ZqBvkwm2pWThmCkteOcUda8dz4mfn_WCkM0dF5UEUFq3_qmXERqVykoQN3pezJH8FDgAMJ75zLH7Ph5i5cMq8ctZv7zVwNFayuUl2P8ZQxKr77CcObPkT20dSkcgUyU-IXNH25e0NEHq1XYJjqL8fp3xttkz6BUYEg4pGM&sai=AMfl-YQSr5-YlNuHj9iD970_C6U4UvamEC7FNpg1fFFKGE_W5NeBVT2Rmhs8aNqkTlVqE8q_Y7fu57WMCmgHmntS02CCYdoEAfYMKRtB1zNZwem_UaNb5DcgvopOG1f3tX5J&sig=Cg0ArKJSzF4EIPV3HS07EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 17 Dec 2021 21:45:51 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 2CF8 0
208 B 14ms
14ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gramhir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F9B5 273 B
848 B 47ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeYigEQt8ShAhjY7pa7ATAB&v=APEucNUhJKD-_9OhAUG1-2thlvgpASEaYKRPaGKxjcgGlVA1TL5wbOoNpX6oFSvJc0zvSk7xkTuxjGVypqOiGM8paA3_4aJskMnyKgwMPJWRhQM2dCfzbQKcGVeIQDOc57ooH5gCApfAk5etXrwSglnrXJxidZvJ2l2fQQYKfbbXkEPiSplqGtMvuR-D_Ix7bOUtHJygKlBY

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 17 Dec 2021 21:45:51 GMT
server: cafe
cache-control: private
content-length: 149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Dec 2021 21:45:51 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 19AC 25 KB
15 KB 67ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6ocB4FepmGuamSkVHOEIFwoXli8tkcMAkyD1lXv4vQfOD_dTfHXVv0ghfYZYAsKybxoS-TrFe36yd1kj8fUElOWIctK9BhwLVZgwWhsT1gDMUXN2R-V1-kIEqG70WajLvtp5lm6IewypbIYAv5PyBqETT4A&dbm_d=AKAmf-DlDVwaTKRkGlQuJBrPJ_-nuYT_Xlw-llAY1dnZM9pS5RF8_0FeMurwGlaZjcdxvcMUCADUySlevyOKzdtprRDx5lrh1RQbenjrlQ7Qx5FgClc6J4qemwTOwY_GzfNoQPMBnPWFLxgvA3aUyZlubCJRnO7CtaNIhBUZ7r_tZTwIZPg_ANMXLYv8S2K6B017OGROeF3oUFkydkh_DOOkuHkc5u75e9RG4cTRlmnGrG8eJ2ahOTSCFSH2MB2oy_5scKx_GpymubXcKOWZb3HF8QCFeBCkscPf0h5NUvTa6ydcV9QmprWy3SpX4Q9pIgoDLYvsngiEiBkA5HA23nUTRhHaMzaidxCEQaeQZcqoItS1damrB61p4TlULXQiP2Uf9zmKkDMaHDSOfTeMIrGwPj34Z8jSZUdLRkqO95l4U_g4R3fiZEIwiWISTF1mTdtgwwra7P8e5nmktNkDI3HgrZiQmvtl0pCV4sksItOW4HGV2rG0GoJ05M9vTdAqWdp0eUTYKuK_E7_mMsTYBqEhklk-o2eH0Wt6ALq2JUGW4esuO41LOtlt8eNlUU-ZY3tDlTC--KtbYIcYXzV-4KCXmGjjfmQPSpliHQhJltJyYZlb-skW4M4kyauWB30wf1sLLMg44eszbT6akOt8Qbd5ZiI_NfofjO-6Et8nCJS65J-U6bQsEKbFR5UC4ZLaQxnY7dLvOOX1HGB3r0hbnH68ZWWDxc9Z0wMJLE7gb3mI5BFfjHcsKclulVO6Q9NiYQw1f7-LC25dPzTzeoCuOhvEvfE0LkqCtv-ZIW7fyc6PK5dV5EZhfsPkBrLELfQ_xKEPj434chfzwjfiblTHbt81yLjaqtpt5GaUQYwkp1WYS1Y4bICr6Jg60kL9gx4bf1YYm0CvrvsCbMmrP4Ipw90qXfNXmwY0WENkrcNie8G8glsqCwTIPbRSkYDeF2-8SQU270KZK1w-oJLBNwVBt2IbQIThSttL-fhd2RMRmPj8rUYzm7Xe5ZRC1C56w2BIgn2nMZlvM_-FfHIfIdaqKFJ3q2kBdabEWcWedwAGUYCIfK4kMOfa_jvuj400lzA7MlKJvaG34btvBYYuD73n4E8ZfhC-wFzPaOOD9W38ap3t79yWdkNMwULXFZcPDe6KW0Irs4qQwlmOR_8rBckF-JZVlnktBc858SJrINyl9nM_aDCbqRCJhBquRJSR2-SQfNDFkmHc3EaX8IXqR8-Ek4AKMhmMLFM3lCkRQOCWNuRiiMEPcuzD_oKjc3oe_bX4cI2v3DG2zxlqNCspvf-syIsRgaeGC7R63tshY3KkJx1FMScKXZvrPAhgV1QFCnmIrg-hL5F_8Du1nDpg2owxQjSzErrYT4WCMZRG4K4nDdzeJhMzjdcbWOsjHXIZ6B6eCHyht04F4NpcYHsCZjtXSRGiZ_evNvet-lnsAaF3uB93X8kVubZ2QW-lcOHklRhUtDzxGe8dgj6X0Y-D08bY-X5NDyP2qxsC09AwxdS3huIIouzoOG046_QxtnDxvWif6zj6sX8W9IxBTzRW_Ww6dLrB7mO_wd6dLEkmdbZ-tqctl9bvAMs9tecuKzkQeZrdnHLKbmyIFQy4wEYHD6yDczqfVelwvVuGp8Z2yRzQdk_oyZspqr3h1pku6jdL3xA0-RKaRr3jL7zaBpmMdf4ggvDIUvkpDNjWUwJk_sQrAsqy2EBNaRYbVuSn1tBqeMriCcD-lD9RK6Wx1GHEySzPwLNsNNeLUH2AHvohVuPhQGpZ0qBlf-oGncCPJ9lJdgQs7LkRWPXvh-D_GuD3dJds_SSJIx_c1hR_W0M4vNKxXk1P88H4BuXVaRh91TpX8XjfERG9e7tqN5XYwMOL4kJN8GGuccDn8h6AThSi_VYz9ak-EQRTQPFsVEKgGkLGEUSuKOrL_zukB420tfcBkgj_Kh_TW7s1awfalJiC9H-m0b4CvzBbx42s69GXAboFj7BEMEdpLvkM4sfpxvQbf5VIpKrAPhKzkuT2yx0tgFllwoduquiO6TX2M_NwBDt-UEBYS2h4zxyBgMYh3xhNRYiHqbon0YMlGEEBkpebkdvtJQg0TD_k_EAgyj1PMONZBnSYnEiUsPGJEkheKeoUwwM-4glvf_a1W6NeJ2yH_BxbyR1sQgYelbMBEmizf1XlJfZO1Hg5vIUDW1sJ9Zf0_fPBmi_3EG109c4a3MvFsj9nNHG2x_smAVEp94bDPeHrB-dwF7wkc15OMlDHIruaYZ7GNsmrrhHycOcQpkx-dgxij0kmQY8wIhOupjHD55YH6l-zxtJpXR33l1BLdrSODp8qpil-tkMH2Yn9cDYck2B63lcAHMPz6N-WR9hpDqIZgsHtZls-IIYAXS_par_8zJw38oZ_GjTnRWVDq0SqMrQifxXcZQIDOMHf4h72Ko2nlt-_W1sRevEtmSmA-koEcapek7u8TcW1OKpO3qXD3U1LRRXrv1hFp2Drls2ZLbqNcnbL61xcJhmMKoT5V3clOI0z-hPlHh2kelzgGke11Trpa2faeS-y9IBnk9SbAsPk_cSMYaN8W_7cY2nKTEJ7I8HJIgJVq1Q_yCJ_NuKIhqcTHAKfHbYB2PqQBd5g_QVymjvHSbkg6dNqAomnCecO4ZSVSvbcvANYD4_28C9ArBEeSHBcLmn_siA02_Pq1igB-v15rK8e79lHtnuzfey-YUoPX_wBS4YWMLw080SC3CvHzU6Qq_P5jEb2H1p3Cu_0EsaHEE3OVkreI_cG2jzid17P28Eecq8hYOgXaygkxaWTCp3urQfoOc4rMkXVfIZUAdWwCqnz2f__7JVOWoIjQCurMNgQIjt0P_4BRtffe7sAucZY3IsdS6btHd6UoESIQ_8wTPNaK3Qd9UgOuE3E0Jd6PD6RrG-yx4JrVEHegtfg5Hgd7lSP25ngSDUuOsRKvhnSLEIOAFo_xxscAiotncK7x63RUccnMhpg5-Qu1nvevSXx1b0xWwM8235X5wmWKkcgIyUlGfTnWeNMIECyUSlpGNKFd-xbulyIG-bmx_nse_luJgRdAKGgQC3XdI_9Ou07fN61RVgLbMXsYvb7R9cQTIToiZBCQVAIx1f1kcvCIq9q1-o9AMozwNXWYbWzk3dPPKImKooh7zDU&pr=63:0.2261824756471470&cid=CAASBORoj7Y&rfl=3%2Chttps%253A%252F%252Fgramhir.com%252Fsearch%252Fwaleedrapper%240

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66618420950886ffdf8e775e36af9a25f6a7947dd5f8ed64a1c135ed66cfc84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19AC 42 B
63 B 54ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDQnT2g3PQY79Tw3nkMj17nayhe8LyAmRqmvzw1OI1CV4YGenxbPbsEtQssqsshWZd-geBhdpc_MFueTa__Qt8tfRqib4AFAR4pTKdqYR79i-Lizc

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
adx.adform.net/adx/ssp/imp/ Frame 19AC 35 B
381 B 18ms
17ms Image
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adx.adform.net/adx/ssp/imp/?data=sulIUgGqBj2QJA7bWiGw3YS6iuIjSDnDwNHmsyhxAIOe2Wg3Xc8aRcZG3bmHhb80vtC4bPdyE5-ZoXgDylbYWO76m0NvzIBksuzdEInAw7z64OZVRHCYtXlxz4vI21oKDRHiGyaFgn2MUqhzZU7lhk-shraTS7GTxoTYFcBo8AYOy7LLohvwEQ2&adxvars=_3rMXGuSSbt3SR8iPthSdoAkGce-ceEtFuRaYt9dhwAfYNCdcUttEBaT6Lx0i9_ju4tMDLjizfyMUqhzZU7lhk-shraTS7GTxoTYFcBo8AYQ8JU2naCVwwgSWKON_IXqmdMEKD_zCKZ4C58YjtXOEXNdPKRbB9J_LEXb77zr0omUd9TFMuyCtZAoJNsLPcTE16TAQizV9BEaZ5i5btkLLg2&ord=925207

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 19AC 58 KB
24 KB 106ms
18ms Script
application/x-javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:55:54 GMT
server: nginx
etag: W/"612c9d1a-e958"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19AC 119 KB
36 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Dec 2021 21:45:51 GMT

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9255 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14AE 0
0 43ms
43ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=640146606415056&rc=
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame F9B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEPLps6i97nyCovUDsHGYguM&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEPLps6i97nyCovUDsHGYguM&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=f0c7d30d8e69a86e645d2afaa6d0d3bd&uid=f0c7d30d8e69a86e645d2afaa6d0d...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=admans&ttd_tpi=1
https://cm.adsafety.net/?_cmsrc=ttdx&idt=100&did=7d1eb309-f165-4d72-88d7-117cfec90412
https://tags.adsafety.net/v1/cm?cm_uid=CM120211217218fd70c528dfc3199256&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Ddefault%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=f0c7d30d8e69a86e645d2afaa6d0d3bd

43 B
2 KB

15ms
15ms

Image
image/gif

85.90.246.246
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=f0c7d30d8e69a86e645d2afaa6d0d3bd
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeYigEQt8ShAhjY7pa7ATAB&v=APEucNUhJKD-_9OhAUG1-2thlvgpASEaYKRPaGKxjcgGlVA1TL5wbOoNpX6oFSvJc0zvSk7xkTuxjGVypqOiGM8paA3_4aJskMnyKgwMPJWRhQM2dCfzbQKcGVeIQDOc57ooH5gCApfAk5etXrwSglnrXJxidZvJ2l2fQQYKfbbXkEPiSplqGtMvuR-D_Ix7bOUtHJygKlBY
Protocol: HTTP/1.1
Server: 85.90.246.246 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1429-246.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:51 GMT
Last-Modified: Fri, 17 Dec 2021 21:45:51 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:51 GMT
Last-Modified: Fri, 17 Dec 2021 21:45:51 GMT
Server: nginx
Location: https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=default&idt=100&did=f0c7d30d8e69a86e645d2afaa6d0d3bd
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame F9B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEIRWuxmTaxdWsC-XHy_vNl0&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEIRWuxmTaxdWsC-XHy_vNl0&google_cver=1&ang_testid=1

42 B
445 B

8ms
8ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEIRWuxmTaxdWsC-XHy_vNl0&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMeYigEQt8ShAhjY7pa7ATAB&v=APEucNUhJKD-_9OhAUG1-2thlvgpASEaYKRPaGKxjcgGlVA1TL5wbOoNpX6oFSvJc0zvSk7xkTuxjGVypqOiGM8paA3_4aJskMnyKgwMPJWRhQM2dCfzbQKcGVeIQDOc57ooH5gCApfAk5etXrwSglnrXJxidZvJ2l2fQQYKfbbXkEPiSplqGtMvuR-D_Ix7bOUtHJygKlBY
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

date: Fri, 17 Dec 2021 21:45:51 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEIRWuxmTaxdWsC-XHy_vNl0&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 19AC 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6ocB4FepmGuamSkVHOEIFwoXli8tkcMAkyD1lXv4vQfOD_dTfHXVv0ghfYZYAsKybxoS-TrFe36yd1kj8fUElOWIctK9BhwLVZgwWhsT1gDMUXN2R-V1-kIEqG70WajLvtp5lm6IewypbIYAv5PyBqETT4A&dbm_d=AKAmf-DlDVwaTKRkGlQuJBrPJ_-nuYT_Xlw-llAY1dnZM9pS5RF8_0FeMurwGlaZjcdxvcMUCADUySlevyOKzdtprRDx5lrh1RQbenjrlQ7Qx5FgClc6J4qemwTOwY_GzfNoQPMBnPWFLxgvA3aUyZlubCJRnO7CtaNIhBUZ7r_tZTwIZPg_ANMXLYv8S2K6B017OGROeF3oUFkydkh_DOOkuHkc5u75e9RG4cTRlmnGrG8eJ2ahOTSCFSH2MB2oy_5scKx_GpymubXcKOWZb3HF8QCFeBCkscPf0h5NUvTa6ydcV9QmprWy3SpX4Q9pIgoDLYvsngiEiBkA5HA23nUTRhHaMzaidxCEQaeQZcqoItS1damrB61p4TlULXQiP2Uf9zmKkDMaHDSOfTeMIrGwPj34Z8jSZUdLRkqO95l4U_g4R3fiZEIwiWISTF1mTdtgwwra7P8e5nmktNkDI3HgrZiQmvtl0pCV4sksItOW4HGV2rG0GoJ05M9vTdAqWdp0eUTYKuK_E7_mMsTYBqEhklk-o2eH0Wt6ALq2JUGW4esuO41LOtlt8eNlUU-ZY3tDlTC--KtbYIcYXzV-4KCXmGjjfmQPSpliHQhJltJyYZlb-skW4M4kyauWB30wf1sLLMg44eszbT6akOt8Qbd5ZiI_NfofjO-6Et8nCJS65J-U6bQsEKbFR5UC4ZLaQxnY7dLvOOX1HGB3r0hbnH68ZWWDxc9Z0wMJLE7gb3mI5BFfjHcsKclulVO6Q9NiYQw1f7-LC25dPzTzeoCuOhvEvfE0LkqCtv-ZIW7fyc6PK5dV5EZhfsPkBrLELfQ_xKEPj434chfzwjfiblTHbt81yLjaqtpt5GaUQYwkp1WYS1Y4bICr6Jg60kL9gx4bf1YYm0CvrvsCbMmrP4Ipw90qXfNXmwY0WENkrcNie8G8glsqCwTIPbRSkYDeF2-8SQU270KZK1w-oJLBNwVBt2IbQIThSttL-fhd2RMRmPj8rUYzm7Xe5ZRC1C56w2BIgn2nMZlvM_-FfHIfIdaqKFJ3q2kBdabEWcWedwAGUYCIfK4kMOfa_jvuj400lzA7MlKJvaG34btvBYYuD73n4E8ZfhC-wFzPaOOD9W38ap3t79yWdkNMwULXFZcPDe6KW0Irs4qQwlmOR_8rBckF-JZVlnktBc858SJrINyl9nM_aDCbqRCJhBquRJSR2-SQfNDFkmHc3EaX8IXqR8-Ek4AKMhmMLFM3lCkRQOCWNuRiiMEPcuzD_oKjc3oe_bX4cI2v3DG2zxlqNCspvf-syIsRgaeGC7R63tshY3KkJx1FMScKXZvrPAhgV1QFCnmIrg-hL5F_8Du1nDpg2owxQjSzErrYT4WCMZRG4K4nDdzeJhMzjdcbWOsjHXIZ6B6eCHyht04F4NpcYHsCZjtXSRGiZ_evNvet-lnsAaF3uB93X8kVubZ2QW-lcOHklRhUtDzxGe8dgj6X0Y-D08bY-X5NDyP2qxsC09AwxdS3huIIouzoOG046_QxtnDxvWif6zj6sX8W9IxBTzRW_Ww6dLrB7mO_wd6dLEkmdbZ-tqctl9bvAMs9tecuKzkQeZrdnHLKbmyIFQy4wEYHD6yDczqfVelwvVuGp8Z2yRzQdk_oyZspqr3h1pku6jdL3xA0-RKaRr3jL7zaBpmMdf4ggvDIUvkpDNjWUwJk_sQrAsqy2EBNaRYbVuSn1tBqeMriCcD-lD9RK6Wx1GHEySzPwLNsNNeLUH2AHvohVuPhQGpZ0qBlf-oGncCPJ9lJdgQs7LkRWPXvh-D_GuD3dJds_SSJIx_c1hR_W0M4vNKxXk1P88H4BuXVaRh91TpX8XjfERG9e7tqN5XYwMOL4kJN8GGuccDn8h6AThSi_VYz9ak-EQRTQPFsVEKgGkLGEUSuKOrL_zukB420tfcBkgj_Kh_TW7s1awfalJiC9H-m0b4CvzBbx42s69GXAboFj7BEMEdpLvkM4sfpxvQbf5VIpKrAPhKzkuT2yx0tgFllwoduquiO6TX2M_NwBDt-UEBYS2h4zxyBgMYh3xhNRYiHqbon0YMlGEEBkpebkdvtJQg0TD_k_EAgyj1PMONZBnSYnEiUsPGJEkheKeoUwwM-4glvf_a1W6NeJ2yH_BxbyR1sQgYelbMBEmizf1XlJfZO1Hg5vIUDW1sJ9Zf0_fPBmi_3EG109c4a3MvFsj9nNHG2x_smAVEp94bDPeHrB-dwF7wkc15OMlDHIruaYZ7GNsmrrhHycOcQpkx-dgxij0kmQY8wIhOupjHD55YH6l-zxtJpXR33l1BLdrSODp8qpil-tkMH2Yn9cDYck2B63lcAHMPz6N-WR9hpDqIZgsHtZls-IIYAXS_par_8zJw38oZ_GjTnRWVDq0SqMrQifxXcZQIDOMHf4h72Ko2nlt-_W1sRevEtmSmA-koEcapek7u8TcW1OKpO3qXD3U1LRRXrv1hFp2Drls2ZLbqNcnbL61xcJhmMKoT5V3clOI0z-hPlHh2kelzgGke11Trpa2faeS-y9IBnk9SbAsPk_cSMYaN8W_7cY2nKTEJ7I8HJIgJVq1Q_yCJ_NuKIhqcTHAKfHbYB2PqQBd5g_QVymjvHSbkg6dNqAomnCecO4ZSVSvbcvANYD4_28C9ArBEeSHBcLmn_siA02_Pq1igB-v15rK8e79lHtnuzfey-YUoPX_wBS4YWMLw080SC3CvHzU6Qq_P5jEb2H1p3Cu_0EsaHEE3OVkreI_cG2jzid17P28Eecq8hYOgXaygkxaWTCp3urQfoOc4rMkXVfIZUAdWwCqnz2f__7JVOWoIjQCurMNgQIjt0P_4BRtffe7sAucZY3IsdS6btHd6UoESIQ_8wTPNaK3Qd9UgOuE3E0Jd6PD6RrG-yx4JrVEHegtfg5Hgd7lSP25ngSDUuOsRKvhnSLEIOAFo_xxscAiotncK7x63RUccnMhpg5-Qu1nvevSXx1b0xWwM8235X5wmWKkcgIyUlGfTnWeNMIECyUSlpGNKFd-xbulyIG-bmx_nse_luJgRdAKGgQC3XdI_9Ou07fN61RVgLbMXsYvb7R9cQTIToiZBCQVAIx1f1kcvCIq9q1-o9AMozwNXWYbWzk3dPPKImKooh7zDU&pr=63:0.2261824756471470&cid=CAASBORoj7Y&rfl=3%2Chttps%253A%252F%252Fgramhir.com%252Fsearch%252Fwaleedrapper%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 21:42:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 19AC 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Dec 2022 15:13:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19AC 0
0 42ms
42ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFist8v1b1SOoKGFDPyS8KpLyKe4alfpKDoND3LJTXZZ_89vzUR4gJ5zWTInumV6m6k5wJwEaiNNzDvaqYpqDxjND2Je_CwmFpa5l8GhiRwCXgUpTPvtx0zsP4qaGRVAu-F4sL57vuFE-9wbOeWh4P5mlp-tXaYUdKqGawF22j-rIKXpZ2UE4MmF6TFQ_cZMVy_M3D4MlLV-nc5WP6pETVqlUzlHWKYYnzNxTw03UCb0ie6nK2yh3yNBdGkU1CGYuaf7tyvYeMwwoll5QirQWm2YyQvMixPO1LVYFnDGoIE0WUmtFZwoKU_YP1WkEfDXwGvw48fQrhqWLn8vg&sai=AMfl-YRjcKaYNk45bRz0ex38LbputtgdD7rZLCjKRhMXmqbs49dgT8-GMSjhwXGOUlhSUQ_7KhSEtjUW0jGCutSlq21v2egQml1KbB83QRhxZ0ca_Hbj3CIqGjLSfjB03d4L&sig=Cg0ArKJSzIHHcZy6x5igEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 21:45:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 17 Dec 2021 21:45:51 GMT

GET
H2 200 ados.js Show response
mfad.inskinad.com/ Frame 19AC 37 KB
10 KB 401ms
175ms Script
application/javascript 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mfad.inskinad.com/ados.js
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 16:06:04 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61bcb56c-9238"
content-type: application/javascript

GET
DATA 200
OK truncated
/ Frame 19AC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7559aa64aa435861fe8fa1cdd7e76abcaad57fe9661538f0e2296012919c854

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4578 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 14 Dec 2021 15:13:54 GMT
expires: Wed, 14 Dec 2022 15:13:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 282717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie
cm.adform.net/ Frame 9469 43 B
105 B 18ms
18ms Image
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:51 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4578 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CF8 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=640146606415056&bg=!NzSlNHDNAAZKWFskSlg7ACkAdvg8WukUk5M1MmLYFXDgthRPsbJ4maLwCuyt_nqpchifj0cRTawIDwIAAADgUgAAAAtoAQeZAtoMRRz2gFk2wo2H3Wk6ADo--RiAE9IyiRT4k2pj1hze4Vx9j_kpFHyjGFWkFjcKAqMHna9EZo9kM34dHxvHN4KLOlyGXUkxK5FHjRdcbfxKXSctGMixXCuX0IJ6_yB-4gXWaBT4GenYaBNo5gR2BWdyA3uRA_ejJNedXx-G5jcaXszREvpzMMZY6FEEpvD2NXuSxRh5oKFAXWLIQc5lP5apsriFiqADcbA-37NrZNaHPM97rNsvDsj8vQZbnNkLRdwOHh3cv6-E5BrWTkvumoNX88nK88k-afPwsc9LfNq-lsIOjrFnxD-afJuC2Qv6xslOwFJpWWPVaFfUr0CCe71Bl3HQR0twtDN9SpyACSx-V6zQvZNxADu_76naANrODbmIEazzky0amkRLd6jlclZqCFPHIiXr8Uk7frhnUi8CfTvw663QfrcMhckNzJeNUacTUmiMTNkpf2Dfzn_xYbWHUwrwWoOQmL3HWPfcXkZC32eVq-MtUbTZW-ppZBNgbbRLy0wIJBb4Pjv-h_-BORSnfoUfLhj4kyFLGpUhDYHJhOK9F2TLPdXIq0tTwTCC9dgp5peV92SuedHGxSPF7Ch-bgctCCFRHlw_CsLH_d3SBb4HoA6dJu3EYhrlitfhBjxjT50vFk1dan8mfUgLrOGm0QJxeLH7e1PjoSM3XlAMEptopbVxR1AhFQeNmFqe-OYVE1AEA7o0GUDWfoaRxVjupGdMVDszPrLN7dxFntNN_d6Dc_F-jvVEyIRM5r5LdZQpvZX9ItIaKkjUVsV0h7a4gFtmK7t-w1_fK2mSMKe6Mpk8XJXD9TGZ7AQDJuozVGACyAZeAsIIlHA7AOs0VEo9nd1V9FrF34CKnTPkcHseOoDc50cTxsmtTEQ9j3FfP3BiZVoCdtV0SIuT1SHAGGqI6hoCgqbizlxVCv1UUg8xN6UznWjLgrtFKIVDOFOIDuesgkD9-fWlnvfg

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4578 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHEu7DwW9YZiHEZmW7_UPsKajgAoAAAAAOAHgBAI&bg=!AAOlA0fNAAZKWFskSlg7ACkAdvg8Wp9X5aGrVlEJMvk9TxcrCAvVekzpRKrj4yZsUvXPHQkhIu17LwIAAABOUgAAAAdoAQcKAF7e5CKFE5JBZh8YXCvAX8tY9hWmfzLIs4shwq-6e-PHUsMKB9HJX39qWtGEWt0Vk3UgNAmtOnvrYPth-j1ynJt6Nq6POXRmnDVCmTjPJiOsAtggGBXHDQstDisroNJbmQMLYB79M5TXYJs0Mh9H0YlMof7q-O1wfvI6bqPqk9aJWjlehDeg8MtlDhL6b_e6vhBxdMgpXs8FsSOZKEIbPR4zSOP9vp1kIkAlo4uOMRe6t0ElGxkFDjUGCY0oDYLVGHcoGVpaExZtUtNUql1UsNVc8o9o5x4kYewtMkB-T0VvDxd0YWwT-LLPyZrIrDbIHdWp3cVZ7rJh5idcv9F86dYIVuCaKnyW4RY1uk4nIt9aL6YHH3fvjG6zxO1fEhGMr2TBTcrKoOulkuA1H99RScMQ-OCejwSTeHSKES0EzctdpGnngEjchHZRJHQ-E3gYQWvaZyvaUAk44ClX_UC96MAvN0Lo1gMSt1ewty1bhvJUPEpvaogokV9nfBRzBnMtghTC4fROSDSbXUGL8J9QSuh9OAWQar3re-5HalOvKFvDVv3bbCHvMfL8aBTRNeUHXFYl_34YYLGMPv1FcbbNpRFav1lnn_PQ8Xknf0RE6KafHJ-O3rUVxQqUa7KcLU76g3qCyCFb6mzI_TmcILsneFJA9coyDDvr5tvRyUKBObDLoaEpDQ7bhlTy8FCx4ecSCRdRmwyCAYbJlh7PopXL99p1kqs3b1vn3vEPrTxSQ5pKdp8lS-CwjubwfDphvxkGWVgHrF4avLOQvi7w9DqwnXCrmAYOkuvvelGxcukxGhcFf1FdEtu62eXZDQaJAsPNqhAX-4w73ZSLdkDfTTRobZuX8naXI68FGQXYA-XF3dYk6DFqlCQ6jJaWlmYfPQ-bTfcRcuVIcXrpY02Yboc8rVCmr1WJegB6XeiljQlQVemYPVwaFZ8j4qR203FoiaHuuZ7n3_-8vFN9yZhZAxb6YUU9hjGUBVa8CygjNm_fOmAAkUQ_2ybTzk_oDxAOADJqgbIrNJ2fV2yis6rZqLzJ3ODcVrv3eHn9UDc4l6n5CL6DKULOEJsMvTnFB-7My3OkmKMrJ9CXsqASEs8QpLURPjY_Yx5i7ghErIWGyENvR7sKB7cJRiUWDQBKWFD_P177HxuOnpbCMkolb0WXIJQ

Requested by

Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ados Show response
mfad.inskinad.com/ Frame 19AC 5 KB
3 KB 108ms
108ms Script
application/javascript 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mfad.inskinad.com/ados?t=1639777551190&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A9874%2C%22S%22%3A681017%2C%22D%22%3A%22ism-rtb-companion%22%2C%22AT%22%3A2163%2C%22RedirectUrl%22%3A%22https%253A%252F%252Fadx.adform.net%252Fadx%252Fssp%252Fclk%252F%253Fdata%253DsulIUgGqBj2QJA7bWiGw3YS6iuIjSDnDwNHmsyhxAIOe2Wg3Xc8aRcZG3bmHhb80vtC4bPdyE5-ZoXgDylbYWO76m0NvzIBksuzdEInAw7z64OZVRHCYtXlxz4vI21oKDRHiGyaFgn2MUqhzZU7lhk-shraTS7GTxoTYFcBo8AYOy7LLohvwEQ2%2526adxvars%253D_3rMXGuSSbt3SR8iPthSdoAkGce-ceEtFuRaYt9dhwAfYNCdcUttEBaT6Lx0i9_ju4tMDLjizfyMUqhzZU7lhk-shraTS7GTxoTYFcBo8AYQ8JU2naCVwwgSWKON_IXqmdMEKD_zCKZ4C58YjtXOEXNdPKRbB9J_LEXb77zr0omUd9TFMuyCtZAoJNsLPcTE16TAQizV9BEaZ5i5btkLLg2%2526r%253Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DCfeP_DgW9Yb7xIoSV3gOKxYiICeO8pvRmkZ3t4YYPpy8QASD1rYEoYJWCgIDEB6AB5Oz02wLIAQmpAtQjDFzy6rI-qAMBqgTmAU_QJ4lwBvblI6slQj69Hwa__VLBFVeWC9FPai4v2DnmJzSjc8a3a4WYTMfhASoy0k98Y9pDqmQ7vVHlck8FMBaVOgZ5H72aJFTatcQGt5Dp2y_tXXLz5hXKDCHjY71nZ2krrO0Dw5zjH_K555EQDEuc0LtCqsSXc_qiQBBUUkCZsEADqMb-54RvpFyS3HUXqRC07URRl6CBYJRveWOPW1NVVQdH56S9dJcZ7DmwThgLlvrNJ-RRgvGhTwY6uYed7xhRiOYsJVfHAMQ-4Ocd0P47uTIJ8vKOJN47R5uG16_o8ptjNpI0wASs5suC6gPgBAOQBgGgBk2AB4STi6QBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgf8ggNYmlkZGVyLTE3MDQ3OIAKBJgLAcgLAYAMAbAThI2_DdATANgTA9gUAdAVAYAXAQ%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASBORoj7Y%252526sig%25253DAOD64_2kvzyXnsFkHEqZ_FDYwlU-yzJ2nw%252526client%25253Dca-pub-7098577362019730%252526dbm_c%25253DAKAmf-A-qRsJYIjuLFTMSVuSovkcgLh4-0jieJ6AsBE_p7xHQqEpCLHXoP8dmJ14nLxKgWcDBlpCxS-wK5IvPRMXlzn8sKkijyFuvYGWm-BjNfaTHi07ntvQSUjtSBGSEgYkHsi8MyCgYGd_VLXUGPYZy-xtZpxlTA%252526dbm_d%25253DAKAmf-CscuWEv216umLWWjqGAgI3lJuhPhUtT4SAEyHq95WzZQ6IaoQ-YRw5MInB9s3cK21ChIPPjEvYX_X3A--Iut21q-X3gJRfUXzjtYFV6IxQoE-vIkxXCIWezRGKDathenW2hv3z0PFjMyVr4gYd_I87gUiI4yzhclX_m-t2ReczNMr1kRhAsJpflNaAUxFrgG2sIZNWu-i4i3rfptjFFkco5u-WkWCZE4JAO4t1ljaXmXARKVLVuY_LcDCvM5bQBk4FNWfVE2U51e9bVPAhF5-45KZwaTXLKDsWxWmoJOHwUUkcmSxcGJBscbSAu9PN1N3FOhZGSZ3XAeZyUhKUMF8KyHFy9847Tg6ke4EJgsMDTaax5I_AmKJo4ePe6ZBut7cKiE8f9YBfRlbou5TaszGqNBoabsbrmmlmV9BXH7Rq69xmhi0%252526adurl%25253D%22%7D%5D%2C%22Keywords%22%3A%22uggholidayq4%22%2C%22Referrer%22%3A%22%22%2C%22IsAsync%22%3Atrue%7D
Requested by: Host: mfad.inskinad.com
URL: https://mfad.inskinad.com/ados.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: 424b90ab7daad02dadd1797491125bab4c5902c4747d43c501df2173533fa31c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:51 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"1248-nHnHymWfYuxaVBuf0GeMGFyhOZg"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by: bifrost-production-shard001-us-east-1a-i-0ac40cce59c36b0e6

GET
H2 200 7ed43c460fec40fd8b7498012536f96f.png
cdn.mfad.inskinad.com/Advertisers/ Frame 19AC 15 KB
16 KB 61ms
9ms Image
image/png 2600:9000:236e:6c00:17:8296:f1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mfad.inskinad.com/Advertisers/7ed43c460fec40fd8b7498012536f96f.png
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6c00:17:8296:f1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 388e0a43a809b37d3d3b47e7eb660c8c60af3144be50c7b0421ad122e37a82ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 11:18:01 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 16:08:24 GMT
server: AmazonS3
age: 2802472
etag: "b067b29f4f1d95cd9fe54f86902333ac"
x-cache: Hit from cloudfront
x-amz-version-id: QLyAo2xX.pnWX.0n9Yxqs4Hi9_1Zy4bs
cache-control: max-age=31557600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-type: image/png
content-length: 15826
x-amz-cf-id: cG7irIZYXkzp8zxWI95KYG_aw0ASz_d3KnAuo7F7HQEGjm-MXa-UEw==
expires: Sun, 09 Nov 2031 16:08:23 GMT

GET
H2 200 i.gif
mfad.inskinad.com/ Frame 19AC 43 B
499 B 97ms
97ms Image
image/gif 3.214.202.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mfad.inskinad.com/i.gif?e=eyJ2IjoiMS45IiwiYXYiOjEzMzY2MSwiYXQiOjIxNjMsImJ0IjowLCJjbSI6MjIyNzA2MiwiY2giOjIzOTYyLCJjayI6e30sImNyIjo1NjM4NDkxMiwiZGkiOiJlMWJhMGNhMmQ4ZDg0NzlhYTc1MTQ1NmNhNTJjYzg3NiIsImRqIjowLCJpaSI6ImQ4NWRhY2ZhYzU1ZTQzOGQ4NjQ5NmJhMTRjNGQzMzJkIiwiZG0iOjEsImZjIjo5NTQyMzcwMCwiZmwiOjg3NDQ4NzQ3LCJpcCI6IjkxLjE5OS4xMTguNzkiLCJudyI6OTg3NCwicGMiOjAsImVjIjowLCJnbSI6MCwiZXAiOm51bGwsInByIjo4OTM4MSwicnQiOjIsInJzIjo1MDAsInNhIjoidW5kZWZpbmVkIiwic2IiOiJpLTBhYzQwY2NlNTljMzZiMGU2Iiwic3AiOjI5ODkwOCwic3QiOjY4MTAxNywidWsiOiJ1ZTEtOTYyNGQ3NmIzNWQwNDZmNGIwYThlYjY5Nzc1NGM5NDAiLCJ0cyI6MTYzOTc3NzU1MTg1NiwiYmYiOnRydWUsInBuIjoiaXNtLXJ0Yi1jb21wYW5pb24iLCJnYyI6ZmFsc2UsImdDIjpmYWxzZSwiZ2kiOnRydWUsImdzIjoibm9uZSIsInR6IjoiVVRDIiwiYmEiOjEsImZxIjowfQ&s=LjSghuLcSQR-1qdrbNturA0_Aks
Requested by: Host: gramhir.com
URL: https://gramhir.com/search/waleedrapper
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.202.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-202-18.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:52 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1b-i-0bfac152da564ddd9

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 19AC 42 B
64 B 54ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-gkttkVx7cr2PczPsjBmaFzoiadyosfzsCmbKd9geoMfA0GzMzWrlrBrqovIdYQq70ZzwIrnmIo8tPqfZ3ZsOuGLOq3BTtOOTgyNq0wxZGmEJ0-Kc&sig=Cg0ArKJSzM8Ur85haqOKEAE&id=lidar2&mcvt=1000&p=80,1147,111,1188&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.8&app=0&itpl=19&adk=2203426620&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639777550625&rpt=145&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 2CF8 83 KB
26 KB 57ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Dec 2021 21:45:53 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9469 83 KB
26 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Dec 2021 21:45:53 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 78F1 9 KB
4 KB 18ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=gramhir.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1858
date: Fri, 17 Dec 2021 21:45:52 GMT
content-length: 4160
strict-transport-security: max-age=86400; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 2CF8 83 KB
26 KB 42ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Dec 2021 21:45:53 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9469 83 KB
26 KB 35ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Dec 2021 21:45:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 78F1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=gramhir.com&sn=ChromeSyncframe&so=3&topUrl=gramhir.com&bundle=k6OXJ191VXpQMVdKUFZkWFNySThoT1V1a2FoTjRZOHclMkIlMkI0SHlzTkZQMWFseVdvSWNUajNB...
https://mug.criteo.com/sid?cpp=tdb15nwvcmQ1SHR0dnlxb0JuY05jQklPSlFkeVBGTGc2WUNoTGh0M2F2eHVPWmsxOWEvaFp6cjdXUi9OVWhBV0l5dkFXMkJXb3V6WjlobU9DQ1VKbzV5YU5nWmFXeTNFNHRnM1Nzd1B2QlJUOU94elY5YWw2V3dsZ2J5QW...

428 B
632 B

16ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tdb15nwvcmQ1SHR0dnlxb0JuY05jQklPSlFkeVBGTGc2WUNoTGh0M2F2eHVPWmsxOWEvaFp6cjdXUi9OVWhBV0l5dkFXMkJXb3V6WjlobU9DQ1VKbzV5YU5nWmFXeTNFNHRnM1Nzd1B2QlJUOU94elY5YWw2V3dsZ2J5QWswaS9qSW81VWV1akEzRDFMU3BtWDh3WWJ1RWlDRTZxdXRQWHJKSGZXTitTQ2JKUFFTMHR0aVBRRlBmR0lUWElSR29MREpqcnlySU44UHBQanVRUC9zZnRMRzJTUkdySjZxM2N1V09yVldqQ0xGWE8wWTJBYkNjc2JyQXM0SjNBSTVta0d0R1JpMUx0NVNsRjIyOVRxYmZmVTFSYU5wSkt3OGh0UEpaNE1hV2t0T0pvZHlRND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

65994e8ef6076d835a1d0f2a07e9ddf0302fcbb9b5d82cc3dd555c56a8284b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:52 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3654
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:53 GMT
strict-transport-security: max-age=86400; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=tdb15nwvcmQ1SHR0dnlxb0JuY05jQklPSlFkeVBGTGc2WUNoTGh0M2F2eHVPWmsxOWEvaFp6cjdXUi9OVWhBV0l5dkFXMkJXb3V6WjlobU9DQ1VKbzV5YU5nWmFXeTNFNHRnM1Nzd1B2QlJUOU94elY5YWw2V3dsZ2J5QWswaS9qSW81VWV1akEzRDFMU3BtWDh3WWJ1RWlDRTZxdXRQWHJKSGZXTitTQ2JKUFFTMHR0aVBRRlBmR0lUWElSR29MREpqcnlySU44UHBQanVRUC9zZnRMRzJTUkdySjZxM2N1V09yVldqQ0xGWE8wWTJBYkNjc2JyQXM0SjNBSTVta0d0R1JpMUx0NVNsRjIyOVRxYmZmVTFSYU5wSkt3OGh0UEpaNE1hV2t0T0pvZHlRND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1761
content-length: 567
expires: 0

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 762B 658 B
750 B 98ms
98ms Document
text/html 96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2a5cdaaafdd666defd7fcbd82a10bdbf6ef1ad0623a795e8a1402453891eac94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 32FC 38 KB
14 KB 15ms
14ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=61960
expires: Sat, 18 Dec 2021 14:58:34 GMT
date: Fri, 17 Dec 2021 21:45:54 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E267 52 KB
17 KB 82ms
53ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 18 Dec 2021 21:45:56 GMT
Date: Fri, 17 Dec 2021 21:45:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 1A07 0
72 B 100ms
100ms Document
text/html 96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D039 52 KB
17 KB 65ms
47ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 18 Dec 2021 21:45:56 GMT
Date: Fri, 17 Dec 2021 21:45:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EE66 38 KB
14 KB 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gramhir.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=61960
expires: Sat, 18 Dec 2021 14:58:34 GMT
date: Fri, 17 Dec 2021 21:45:54 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 32FC 5 KB
6 KB 52ms
52ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=27127548&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 4f8d2a6e05e78ab51e90bca14a36881df1015f9adc3d02f01e57801974e38c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame DD92 35 B
468 B 74ms
21ms Document
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=C17BF74D-B808-4180-9230-7C6F90106ACF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C07A
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1911885660412990069

42 B
211 B

26ms
25ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1911885660412990069
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug004:0:6387
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1911885660412990069
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9D85
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
205 B

63ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:53 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug001:0:309
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Fri, 17 Dec 2021 21:45:53 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Fri, 17 Dec 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1846029

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B85F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042790967150114970

42 B
210 B

66ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042790967150114970
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:53 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug012:0:593
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 17 Dec 2021 21:45:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042790967150114970

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6ED0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yb0FEgAMrIMQKQAz&gdpr=0&gdpr_consent=&_test=Yb0FEgAMrIMQKQAz

1 B
237 B

13ms
12ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yb0FEgAMrIMQKQAz&gdpr=0&gdpr_consent=&_test=Yb0FEgAMrIMQKQAz
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:53 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug003:0:365
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yb0FEgAMrIMQKQAz&gdpr=0&gdpr_consent=&_test=Yb0FEgAMrIMQKQAz
accept-ranges: bytes
date: Fri, 17 Dec 2021 21:45:54 GMT
via: 1.1 varnish
x-served-by: cache-fra19178-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1639777554.332418,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame DA1F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLNVNVN0RlZ29BQUVDU2lnc1FNQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

34ms
33ms

Document
image/gif

34.248.204.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.204.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-204-54.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 17 Dec 2021 21:45:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Fri, 17 Dec 2021 21:45:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 880B
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
243 B

51ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:53 GMT
content-type: text/html; charset=utf-8
x-lat: amspug004:2:266
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Fri, 17 Dec 2021 21:45:54 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A15D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rrxSQL1wQvd8L7hj0GXRSlvHdk8

42 B
319 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rrxSQL1wQvd8L7hj0GXRSlvHdk8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:53 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug012:0:540
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Fri, 17 Dec 2021 21:45:54 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=rrxSQL1wQvd8L7hj0GXRSlvHdk8
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B44F
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4837253409
https://sync.1rx.io/usersync/tradedesk/7d1eb309-f165-4d72-88d7-117cfec90412
https://sync.targeting.unrulymedia.com/csync/RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003

42 B
485 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 19:32:52 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug0022:0:468
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003
etag: RXa8bb5cc057b243f1b9d71e2ae4f7d2ff003

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 8DDB 43 B
408 B 71ms
12ms Document
image/gif 72.251.245.181
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 17 Dec 2021 21:45:54 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 47BC
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eyKY5MKKw6YbOhsw119aX_8Z

42 B
527 B

30ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eyKY5MKKw6YbOhsw119aX_8Z
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug019:0:451
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Fri, 17 Dec 2021 21:45:54 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=eyKY5MKKw6YbOhsw119aX_8Z
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 8AC9 15 B
915 B 54ms
25ms Document
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bf357520b3c5c85-FRA

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 8260 43 B
277 B 112ms
25ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: erebus-1b4654403995@version_1.365
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 1ms
Date: Fri, 17 Dec 2021 21:45:54 GMT

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A408
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
422 B

176ms
166ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bf357533f5a5b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 4317
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bf357520d3f5b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame ECCE
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1cf8baf8-b5c5-4fa5-8c6e-dc0a492848d1-tuct8b68a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

39ms
17ms

Document
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1cf8baf8-b5c5-4fa5-8c6e-dc0a492848d1-tuct8b68a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 17 Dec 2021 21:45:54 GMT
via: 1.1 varnish
x-served-by: cache-fra19158-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1639777554.275454,VS0,VE11
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1cf8baf8-b5c5-4fa5-8c6e-dc0a492848d1-tuct8b68a92&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Fri, 17 Dec 2021 21:45:54 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1639777554.238249,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 32FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wXv3TbgIQYCSMHxvkBBqzw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

10ms
8ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=89441
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 18 Dec 2021 22:36:35 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=214161bd-0512-4100-ac66-89fdefea3e66

0
261 B

73ms
18ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=214161bd-0512-4100-ac66-89fdefea3e66
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 17 Dec 2021 21:45:54 GMT
Server: MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=214161bd-0512-4100-ac66-89fdefea3e66
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 17 Dec 2021 21:45:53 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 32FC
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=C17BF74D-B808-4180-9230-7C6F90106ACF
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=af3c883343ba6fec5251ef8402004e3a

35 B
248 B

92ms
92ms

Image
image/gif

51.79.83.225
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=af3c883343ba6fec5251ef8402004e3a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Server: 51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: pikafka-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 17 Dec 2021 21:45:54 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=af3c883343ba6fec5251ef8402004e3a
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzE3QkY3NEQtQjgwOC00MTgwLTkyMzAtN0M2RjkwMTA2QUNG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

69ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:491
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcS_6STB17M_s_OSkvzknA&google_cver=1

42 B
282 B

67ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcS_6STB17M_s_OSkvzknA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:377
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAcS_6STB17M_s_OSkvzknA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 32FC 43 B
616 B 55ms
12ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 16 Dec 2021 21:45:54 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&gdpr=0&gdpr_consent=

42 B
420 B

44ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:309
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 17 Dec 2021 21:45:54 GMT
Server: MT3 4133 baa842e master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 17 Dec 2021 21:45:53 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7d1eb309-f165-4d72-88d7-117cfec90412

42 B
449 B

64ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7d1eb309-f165-4d72-88d7-117cfec90412
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:52 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:475
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=7d1eb309-f165-4d72-88d7-117cfec90412
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3352462481639665022

42 B
314 B

37ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3352462481639665022
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:817
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3352462481639665022
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8973840179362310736&gdpr=0&gdpr_consent=

42 B
210 B

53ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8973840179362310736&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:423
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:54 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3e63d8df-d348-4cda-aeb7-d99ff335e3e7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8973840179362310736&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL

42 B
314 B

52ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:2503
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C17BF74D-B808-4180-9230-7C6F90106ACF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C17BF74D-B808-4180-9230-7C6F90106ACF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJU8OSVE2uUUZnVW8qv96pLo1TTr4O4-~A&gdpr=0&gdpr_consent=

0
128 B

65ms
18ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJU8OSVE2uUUZnVW8qv96pLo1TTr4O4-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NJU8OSVE2uUUZnVW8qv96pLo1TTr4O4-~A&gdpr=0&gdpr_consent=
date: Fri, 17 Dec 2021 21:45:54 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 C17BF74D-B808-4180-9230-7C6F90106ACF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 32FC 43 B
877 B 114ms
35ms Image
image/gif 2a05:d018:d29:3601:6aba:1333:1e2b:7cf5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/C17BF74D-B808-4180-9230-7C6F90106ACF?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://x.bidswitch.net/sync?dsp_id=429&user_id=9bf69ba4-9990-5360-8033-ca97e18ecf99&ssp=pubmatic&expires=30&user_group=1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent=&gdpr_pd=

1 B
281 B

14ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:528
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 17 Dec 2021 21:45:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2373281510821007953&gdpr=0&gdpr_consent=&us_privacy=

1 B
425 B

14ms
12ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2373281510821007953&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 19:29:49 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:390
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2373281510821007953&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 17 Dec 2021 21:45:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 32FC 0
104 B 119ms
56ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C17BF74D-B808-4180-9230-7C6F90106ACF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

19ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:409
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:53 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:516088a6-3eec-4e3d-b163-ef6ea8e5cec7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
210 B

13ms
12ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:516088a6-3eec-4e3d-b163-ef6ea8e5cec7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:500
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:516088a6-3eec-4e3d-b163-ef6ea8e5cec7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 17 Dec 2021 21:45:54 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 32FC
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8973840179362310736

42 B
287 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8973840179362310736
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 21:45:54 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:298
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:54 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e18dbc41-a1a9-4c63-8e8d-aa372bbd9390
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8973840179362310736
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 762B
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dbb391dc3-715a-460c-952c-6330e3923d9...
https://x.bidswitch.net/sync?dsp_id=80&user_id=013c61bd-0512-4900-bf48-fb2bdf1b36da&expires=30&ssp=between&bsw_param=bb391dc3-715a-460c-952c-6330e3923d9c&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c

68 B
607 B

100ms
99ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c
Date: Fri, 17 Dec 2021 21:45:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 762B
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=85trpsnytxS.AikABlF9ylvPlg

68 B
607 B

98ms
98ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=85trpsnytxS.AikABlF9ylvPlg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:54 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=85trpsnytxS.AikABlF9ylvPlg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 762B
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=adc8f4e8164a475d263fa4c7

68 B
607 B

98ms
97ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=adc8f4e8164a475d263fa4c7
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Fri, 17 Dec 2021 21:45:54 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=adc8f4e8164a475d263fa4c7
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 762B
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=9bf69ba4-9990-5360-8033-ca97e18ecf99
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiSivSNBlIFvp7KygpiJDliZjY5YmE0LTk5OTAtNTM2MC04MDMzLWNhOTdlMThlY2Y5OQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiSivSNBlIFvp7KygpiJDliZjY5YmE0LTk5OTAtNTM2MC04MDMzLWNhOTdlMThlY2Y5OaIBELXbaphfghHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiSivSNBmIkOWJmNjliYTQtOTk5MC01MzYwLTgwMzMtY2E5N2UxOGVjZjk5ogEQtdtqmF-CEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiSivSNBmIkOWJmNjliYTQtOTk5MC01MzYwLTgwMzMtY2E5N2UxOGVjZjk5ogEQtdtqmF-CEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b5db6a98-5f82-11ec-a6e9-002590c82437

68 B
607 B

99ms
98ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b5db6a98-5f82-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Fri, 17 Dec 2021 21:45:54 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=b5db6a98-5f82-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D039 0
731 B 23ms
23ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:54 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a705efbc-e8a8-46e4-a6a7-d4d9bee6038b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E267 0
731 B 66ms
52ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:54 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 50b79bc6-2f2e-406f-9049-550414b163e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame D935 4 KB
1 KB 195ms
6ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9bf69ba4-9990-5360-8033-ca97e18ecf99&CACHEBUSTER=415095
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Fri, 17 Dec 2021 21:45:54 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2

200

match
ads.betweendigital.com/ Frame D935
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=bb391dc3-715a-460c-952c-6330e3923d9c
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkdbb4842b-1ba4-4bf9-90be-43556e8191d6&expires=7&user_group=5&ssp=between&bsw_param=bb391dc3-715a-460c-952c-6330e3923d9c
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c

68 B
607 B

98ms
98ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=bb391dc3-715a-460c-952c-6330e3923d9c
Date: Fri, 17 Dec 2021 21:45:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame D935
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b5db6a98-5f82-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=b5db6a98-5f82-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=DUJG5BtPjcC8WZauqOJ%2Bsg&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=DUJG5BtPjcC8WZauqOJ+sg&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=DUJG5BtPjcC8WZauqOJ+sg&extra2=aidata&google_gid=CAESEDdKNp4yOu0ZNp4jlHPBzdo&google_cver=1

43 B
516 B

34ms
6ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=DUJG5BtPjcC8WZauqOJ+sg&extra2=aidata&google_gid=CAESEDdKNp4yOu0ZNp4jlHPBzdo&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:45:55 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=DUJG5BtPjcC8WZauqOJ+sg&extra2=aidata&google_gid=CAESEDdKNp4yOu0ZNp4jlHPBzdo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D039 0
731 B 24ms
24ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:55 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 52875f73-1309-46e9-b660-3f9021b7793f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E267 0
731 B 15ms
15ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Dec 2021 21:45:55 GMT
X-Proxy-Origin: 91.199.118.79; 91.199.118.79; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 505cbc59-5a9c-4fac-abd3-1450588d9c96
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 349E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9bf69ba4-9990-5360-8033-ca97e18ecf99&CACHEBUSTER=415095
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Dec 2021 21:45:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Fri, 17 Dec 2021 21:45:55 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 349E 32 KB
10 KB 21ms
21ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 45fbdad0412ebdbc836f5eeed2ed8adf4e26aa2b612518fbf9cf29c5b83cfc19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 21:45:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73913
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9701
Expires: Sat, 18 Dec 2021 18:17:48 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 349E 284 B
536 B 8ms
8ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 349E 0
239 B 8ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

200

415095
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame D935
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/415095
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/415095

43 B
297 B

49ms
49ms

Image
image/gif

2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/415095
Protocol: H2
Server: 2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software: ms-counter-3.2.15/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.15/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Dec 2021 21:45:55 GMT
server: ms-counter-3.2.15/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/415095
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET

usersync
rtb.gumgum.com/ Frame D935
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=9bf69ba4-9990-5360-8033-ca97e18ecf99&expires=60
https://rtb.gumgum.com/usersync?b=bsw&i=bb391dc3-715a-460c-952c-6330e3923d9c

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: rtb.gumgum.com
URL: https://rtb.gumgum.com/usersync?b=bsw&i=bb391dc3-715a-460c-952c-6330e3923d9c

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gramhir.com/	1970-01-20 08:59:51	Name: __atuvc Value: 1%7C50
gramhir.com/	1970-01-19 23:29:39	Name: __atuvs Value: 61bd050df28ea771000
.gramhir.com/	1970-01-20 17:00:49	Name: _ga Value: GA1.2.783857688.1639777550
.gramhir.com/	1970-01-19 23:31:03	Name: _gid Value: GA1.2.510250690.1639777550
.gramhir.com/	1970-01-19 23:29:37	Name: _gat_gtag_UA_206621869_1 Value: 1
.addthis.com/	1970-01-20 08:59:51	Name: uvc Value: 1%7C50
gramhir.com/	1970-01-19 23:29:39	Name: stpdOrigin Value: {"origin":"direct","referrer":"","ex":"Fri, 17 Dec 2021 22:15:49 GMT"}
gramhir.com/	1970-01-20 00:12:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
.gramhir.com/	1970-01-20 08:15:13	Name: _pubcid Value: ade50b51-d67f-422a-aad1-bd48fe827a3d
.addthis.com/	1970-01-20 08:59:51	Name: loc Value: MDAwMDBFVURFUlAyMjkyMTg4MzAwMzAwMDBDSA==
gramhir.com/	1970-01-20 08:51:13	Name: cto_bidid Value: LtLKFl9rWTFROGt3UWhoT0hlTFRlWDhubzV2NkJrJTJGZ0MzdVpSNWhVb3Y4c1ZZcHJMcGF3UFdkMWpPaHNORUhDbjBUbVJrY3daaUZ4MmxSNVVkOG8yd3lSNTdBJTNEJTNE
gramhir.com/	1970-01-20 08:51:13	Name: cto_bundle Value: k6OXJ191VXpQMVdKUFZkWFNySThoT1V1a2FoTjRZOHclMkIlMkI0SHlzTkZQMWFseVdvSWNUajNBUEJ2TmdLaVdRa25HbTVFMmhHRWNTMXEwSjFOZXJPVW5Ta25kNnZOSk1XQjAzclhVZ3JWc0dPSFBnUkV2cFNETUNrSnloNFppdmtyNERiRHo
.betweendigital.com/	1970-01-20 08:15:13	Name: dc Value: was1
.betweendigital.com/	1970-01-20 08:15:13	Name: ss Value: 1
prebid.a-mo.net/	1970-01-20 08:15:13	Name: __amc Value: 1_1639777550_1639777550
.betweendigital.com/	1970-01-20 08:15:13	Name: tuuid Value: 9bf69ba4-9990-5360-8033-ca97e18ecf99
.a-mo.net/	1970-01-20 08:15:13	Name: amuid2 Value: 1dc91b1d-cf13-4a72-99be-b96c6a0e38f6
.adnxs.com/	1970-01-20 01:39:13	Name: uuid2 Value: 8973840179362310736
.gramhir.com/	1970-01-20 08:51:13	Name: __gads Value: ID=f3d71a0580967683-222befa20acd00cb:T=1639777551:S=ALNI_Ma8KIg5BKDIvcLGoDCQrHGdHNtn_A
.adform.net/	1970-01-20 00:14:15	Name: C Value: 1
.doubleclick.net/	1970-01-20 08:51:13	Name: IDE Value: AHWqTUmKaiPD-AkCYiPq4qxXZ1uVUzcAcXux3JK-X_jivgiQaRnFGH8gtcQ5ZFXYHO4
.sxp.smartclip.net/	1970-01-20 00:12:49	Name: uuid Value: 9c92437c-0f05-bd61-3daf-96dc382dcfed
.sxp.smartclip.net/	1970-01-20 00:12:49	Name: dspuuid Value: 10.CAESEIRWuxmTaxdWsC-XHy_vNl0
.sxp.smartclip.net/	1970-01-20 00:12:49	Name: psyn Value: 18978.10
ads.smartstream.tv/	1970-01-20 08:15:13	Name: DID Value: f0c7d30d8e69a86e645d2afaa6d0d3bd
ads.smartstream.tv/	1970-01-20 08:15:13	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 08:15:13	Name: permanent Value: 1
cm.adsafety.net/	1970-01-20 08:15:13	Name: UID Value: CM120211217218fd70c528dfc3199256
.adsafety.net/	1970-01-20 08:15:13	Name: cm_uid Value: CM120211217218fd70c528dfc3199256
.adsrvr.org/	1970-01-20 08:15:13	Name: TDID Value: 7d1eb309-f165-4d72-88d7-117cfec90412
cm.adsafety.net/	1970-01-20 08:15:13	Name: permanent Value: 1
tags.adsafety.net/	1970-01-20 08:15:13	Name: UID Value: f0c7d30d8e69a86e645d2afaa6d0d3bd
tags.adsafety.net/	1970-01-20 08:15:13	Name: DID Value: f0c7d30d8e69a86e645d2afaa6d0d3bd
tags.adsafety.net/	1970-01-20 08:15:13	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 08:15:13	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 00:12:49	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 08:15:13	Name: ct_uid Value: f0c7d30d8e69a86e645d2afaa6d0d3bd
.adsafety.net/	1970-01-20 08:15:13	Name: ct_did Value: f0c7d30d8e69a86e645d2afaa6d0d3bd
.adsafety.net/	1970-01-20 08:15:13	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-20 08:15:13	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvcmJhUFU5b20zQkF5dTJDL1paY3dmeXBZa1YxaDhFMEt3MzhEV09LTzBkcHE3TWt1SEZQWVE0dlpCaGk2U1VYUzFxMXh3L3M2aTF5QWs1cXppOUFERWU3NTNXQzN6NDM5UzJVMGRRMG1KNlQ2VjdIdG02VllNMVVWZVFPaEtQZ1F0aCt6b0xoRFRGMitQYy8vUDZDMUlTZnNqS1FCRXg5TGorN0hpQmVaekhaRXUzeWtQVTFwem8wbWhZeEVKOXJpOHF3YVpzVkRFbHk4bldPMUVIdkY2ZXN0eENSbmRjNTl5QkpJTk9UTHNnaGtZWmZxY016dFd0b1ZzWXB1NjNGWlJ0NjMzZURiZW5xbnhwYTNMSDJIajFEYllydE93RmJMSnZDemVKOUZ1S1BrYUFORnd1blFjTEJBQ1JVUldSdUMyTlQxUjl6MGVZZEU5aWRBMFNlVmZNU3c3YTBxNGcwZzhzNE1adUk3dS93RDVuSTNhRzF2Z21oTDVmSnhIQkFQVUNIZHRGVGp1QjVIMXVJZGdJWjI1UW9MYjl4bCtvNWowMGtWczRpVFFBY3JMdkJiajFzTmxncmtWZWNHbWtVdWNuY2g4UzIwdDIrYk9nNkdlRzlmbDNlNGhONitTK243bDl6SUsxbW44NnpDaDl2MTJZYW5wMFBpaW5LcFNRTEpodDJGZVl2NFk5K1liUXF0UDl4UFp2Y0Fta3FNRzZXbVFNc1Q0dVV4QzR6a0RNcCtaODkvWDBmaG5BRTBIeGJIbnliQVZ5WUdwRjg5Tm9ab0lpd3A1c2h4ZmcvYU1ob1hGVm1hTmNXQy9CZktRbVhqSzgzQkpMWWswdEpRa2dWdXUxcVo3N1FIWWFMTWNadGl2WWo2TWswSGRqQnFBVWxZOHRxWXNRaFFKb1Q%3D
.criteo.com/	1970-01-20 08:51:13	Name: uid Value: 2ef3ff90-07ad-4c93-bf83-58a5978a5284
.gramhir.com/	1970-01-20 08:51:13	Name: cto_bundle Value: Mi8QY191VXpQMVdKUFZkWFNySThoT1V1a2FuMXg0ZHNOV01BOVZYSGxibGdpVXBPV1pjY3hrRmpibDVsJTJCTGJnd0ZpTUUxWHpKTmlYT3I4cllEU1NPY1AyMmdxTEFoNGclMkJHc0tTWUlkNnVaUUZGS2l5N3JuYkl0TVVFVUVVRzAlMkJSclVmbk9CZXpnWklEcGoxMlZmQzVOOSUyRlNWdyUzRCUzRA
.ads.pubmatic.com/	1970-01-19 23:31:03	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 01:39:13	Name: KADUSERCOOKIE Value: C17BF74D-B808-4180-9230-7C6F90106ACF
.pubmatic.com/	1970-01-20 01:39:13	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:31:03	Name: pi Value: 156191:2
.pubmatic.com/	1970-01-20 01:39:13	Name: DPSync3 Value: 1640908800%3A197_219_201%7C1639785600%3A174
.pubmatic.com/	1970-01-20 01:39:13	Name: SyncRTB3 Value: 1642291200%3A203%7C1640908800%3A176_161_81_165_88_230_220_3_166_99_21_54_56_234_204_13_7_55_71_22_238_222_8_233%7C1640995200%3A35%7C1640563200%3A63%7C1640304000%3A15_223_2
.adfarm1.adition.com/	1970-01-20 01:39:13	Name: UserID1 Value: 7042790967150114970
.taboola.com/	1970-01-20 08:15:13	Name: t_gid Value: 1cf8baf8-b5c5-4fa5-8c6e-dc0a492848d1-tuct8b68a92
.bidswitch.net/	1970-01-20 08:15:13	Name: c Value: 1639777554
.bidswitch.net/	1970-01-20 08:15:13	Name: tuuid_lu Value: 1639777554
.bidswitch.net/	1970-01-20 08:15:13	Name: tuuid Value: bb391dc3-715a-460c-952c-6330e3923d9c
.quantserve.com/	1970-01-20 01:39:13	Name: d Value: EJkBCwH9JPijAA
.quantserve.com/	1970-01-20 08:59:51	Name: mc Value: 61bd0512-3e253-25f79-8f7aa
.simpli.fi/	1970-01-20 08:16:39	Name: suid Value: 80CE13F75BC94C229C9671E29CF811F0
.mathtag.com/	1970-01-20 08:55:32	Name: uuid Value: 013c61bd-0512-4900-bf48-fb2bdf1b36da
.analytics.yahoo.com/	1970-01-20 08:16:39	Name: IDSYNC Value: 18z8~2259
.adform.net/	1970-01-20 00:56:01	Name: uid Value: 3998777508497136607
.erne.co/	1970-01-20 08:15:13	Name: u Value: eyKY5MKKw6YbOhsw119aX_8Z
.de17a.com/	1970-01-20 08:08:01	Name: guid2 Value: 1.1911885660412990069
.lijit.com/	1970-01-20 08:15:13	Name: ljt_reader Value: adc8f4e8164a475d263fa4c7
.adsrvr.org/	1970-01-20 08:15:13	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwj46N-klOygOhAFGAEgASgCMgsI6Iii0qrsoDoQBTgBWgthZGNvbmR1Y3RvcmAC
.pubmatic.com/	1970-01-20 00:12:49	Name: KRTBCOOKIE_409 Value: 22966-eyKY5MKKw6YbOhsw119aX_8Z
.pubmatic.com/	1970-01-20 01:39:13	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_80 Value: 22987-CAESEAcS_6STB17M_s_OSkvzknA&KRTB&16514-CAESEAcS_6STB17M_s_OSkvzknA&KRTB&23025-CAESEAcS_6STB17M_s_OSkvzknA
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_57 Value: 22776-8973840179362310736
.pubmatic.com/	1970-01-20 08:15:13	Name: KRTBCOOKIE_27 Value: 16735-uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&KRTB&16736-uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&KRTB&23019-uid:013c61bd-0512-4900-bf48-fb2bdf1b36da&KRTB&23114-uid:013c61bd-0512-4900-bf48-fb2bdf1b36da
.pubmatic.com/	1970-01-20 00:12:49	Name: KRTBCOOKIE_1101 Value: 23040-7042790967150114970
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_377 Value: 6810-7d1eb309-f165-4d72-88d7-117cfec90412&KRTB&22918-7d1eb309-f165-4d72-88d7-117cfec90412&KRTB&23031-7d1eb309-f165-4d72-88d7-117cfec90412
.pubmatic.com/	1970-01-20 00:12:49	Name: KRTBCOOKIE_391 Value: 22924-3352462481639665022&KRTB&23263-3352462481639665022
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_153 Value: 1923-l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL&KRTB&19420-l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL&KRTB&22979-l2di6JFjMb6MZWW-lGUtvpQwN7WMbma7wDcmv7LL
.adsniper.ru/	1970-01-27 06:41:37	Name: uuid3 Value: IiRiNWRiNmE5OC01ZjgyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.1rx.io/	1970-01-20 08:15:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003%22%7D
.turn.com/	1970-01-20 03:48:49	Name: uid Value: 2373281510821007953
.yahoo.com/	1970-01-20 08:15:35	Name: A3 Value: d=AQABBBIFvWECEAFCOSK1atyhtHdp-bMGdkcFEgEBAQFWvmHGYQAAAAAA_SMAAA&S=AQAAAv7vGRFIWsUlcyZsChFwXGI
.everesttech.net/	1970-01-20 08:15:13	Name: everest_g_v2 Value: g_surferid~Yb0FEgAMrIMQKQAz
.pubmatic.com/	1970-01-20 00:12:49	Name: SPugT Value: 1639777552
.pubmatic.com/	1970-01-20 00:12:49	Name: KRTBCOOKIE_336 Value: 5844-1911885660412990069
.adhigh.net/	1970-01-20 08:15:13	Name: gi_u Value: 85trpsnytxS.AikABlF9ylvPlg
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_218 Value: 4056-Yb0FEgAMrIMQKQAz&KRTB&22978-Yb0FEgAMrIMQKQAz&KRTB&23194-Yb0FEgAMrIMQKQAz&KRTB&23209-Yb0FEgAMrIMQKQAz
.pubmatic.com/	1970-01-20 00:12:49	Name: KRTBCOOKIE_22 Value: 14911-2373281510821007953
ads.playground.xyz/	1970-01-19 23:38:48	Name: connect.sid Value: s%3As4g2HEXM6m0QbCdx1eQucebaQojL_3QO.eWpsbpFL5y6YnyuA7psm5HrVvds2TBxu2yj57fyFv1A
.bumlam.com/	1970-01-27 06:41:37	Name: suuid3 Value: IiRiNWRiNmE5OC01ZjgyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adsby.bidtheatre.com/	1970-01-19 23:39:42	Name: __kuid Value: 516088a6-3eec-4e3d-b163-ef6ea8e5cec7.408991554
.targeting.unrulymedia.com/	1970-01-20 08:15:13	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003%22%7D
.bidr.io/	1970-01-20 08:58:07	Name: bito Value: AAK5SU7DegoAAECSigsQMA
.bidr.io/	1970-01-20 08:58:07	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 00:12:49	Name: KRTBCOOKIE_594 Value: 17107-RX-a8bb5cc0-57b2-43f1-b9d7-1e2ae4f7d2ff-003
.adhigh.net/	1970-01-20 08:15:13	Name: btw_sync Value: I9b
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_466 Value: 16530-bb391dc3-715a-460c-952c-6330e3923d9c
.pubmatic.com/	1970-01-20 03:48:49	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.onaudience.com/	1970-01-20 08:15:13	Name: cookie Value: 45a46062cf84d101
.onaudience.com/	1970-01-19 23:31:03	Name: done_redirects161 Value: 1
.tribalfusion.com/	1970-01-20 01:39:13	Name: ANON_ID Value: aMnseFR3YWi7UXuRvsrdkQZbhBm2PHQiDkZb2G2YbcV2FF6K2FUALcNJylZdDF5ymrBGZbqCUIS7WPSgjf9qLZdyE
.exelator.com/	1970-01-20 02:22:25	Name: EE Value: "af3c883343ba6fec5251ef8402004e3a"
sync.srv.stackadapt.com/	1970-01-20 08:15:13	Name: sa-user-id Value: s%3A0-aebc5240-bd70-42f7-7c2f-b863d065d14a.MO2pWNUbc%2Btk1kUsl45LnNe72obtP3e5fI5zB2FCyE8
.srv.stackadapt.com/	1970-01-20 08:15:13	Name: sa-user-id-v2 Value: s%3A0-aebc5240-bd70-42f7-7c2f-b863d065d14a%24ip%2491.199.118.79.WG20itTcAs%2B2JG8J09T4Il%2Fk4Q8Vg%2FYtXuG9n9WnoJ8
.pubmatic.com/	1970-01-20 01:39:13	Name: KRTBCOOKIE_860 Value: 16335-rrxSQL1wQvd8L7hj0GXRSlvHdk8
.pubmatic.com/	1970-01-20 00:12:49	Name: PugT Value: 1639777553
.exelator.com/	1970-01-20 02:22:25	Name: ud Value: "eJxrXxzq6XKLQSExzTjZwsLY2MQ4KdEsLTXZ1MjUMDXNwsTAyMDAJNU4cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F73uqBwB%252BUCow"
event.clientgear.com/	1970-01-20 03:48:49	Name: mkuuid Value: mkdbb4842b-1ba4-4bf9-90be-43556e8191d6
.betweendigital.com/	1970-01-20 08:15:13	Name: ut Value: Yb0FEgAMpkhCiVOKkK6Hj7X9YdNg1Ol81nY-Cg==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=3762983755526643529 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8973840179362310736 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acdn.adnxs.com
ad.sxp.smartclip.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.smartstream.tv
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ap.lijit.com
bidder.criteo.com
c1.adform.net
cache.betweendigital.com
cdn.mfad.inskinad.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
ead7f38e75bbe3f0afade60b48518300.safeframe.googlesyndication.com
eus.rubiconproject.com
event.clientgear.com
googleads.g.doubleclick.net
gramhir.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
loada.exelator.com
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mfad.inskinad.com
mp.4dex.io
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.adhigh.net
rtb.gumgum.com
s.tribalfusion.com
s1.adform.net
s7.addthis.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
tags.adsafety.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
z.moatads.com
rtb.gumgum.com
s7.addthis.com
104.109.78.125
104.75.88.126
141.95.3.9
142.250.185.98
145.239.1.221
147.75.38.124
151.101.129.44
151.101.66.49
151.236.118.210
159.65.196.12
159.89.25.223
169.50.137.182
172.217.16.130
178.250.0.165
178.250.2.146
178.250.2.151
18.195.177.130
185.184.8.65
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
188.165.4.142
193.232.150.150
195.5.165.20
198.47.127.19
2.18.232.130
2.18.233.180
2.18.235.40
2.19.35.65
2001:678:cb4:bbbb::11
2001:6d0:4001::226
213.155.156.185
213.19.147.45
23.88.75.188
2600:9000:236e:6c00:17:8296:f1c0:93a1
2606:4700:20::681a:8a9
2606:4700:20::681a:9b2
2606:4700:20::681a:bd1
2606:4700:20::ac43:46b7
2606:4700:3108::ac42:28fd
2606:4700::6812:372
2606:4700::6812:c05
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1370
2a04:4e42::300
2a05:d018:d29:3601:6aba:1333:1e2b:7cf5
3.126.56.137
3.214.202.18
3.33.220.150
31.172.81.158
31.172.81.172
34.102.253.54
34.237.23.137
34.248.204.54
34.254.143.3
35.186.194.101
37.157.2.238
37.157.2.239
37.157.4.41
37.157.6.234
37.252.172.123
37.252.173.27
47.252.78.131
51.77.65.176
51.79.83.225
66.155.71.25
69.173.144.138
69.173.144.165
72.251.245.181
72.251.249.13
85.114.159.93
85.90.246.246
89.108.120.76
96.46.183.20
017ea9a66b3bb13453d38b8f0027fb112b8fd09b2ef19152b41c5e7a5ec63e72
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
060a9d52fbe3f47cfe149e43092a02529b993610f5cc55a2c216254f748436c9
0a1eafa4c68c55a2eec47d87337f1a29e94c47729a0fd3a4502f8cb471df42cb
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
10b43c2c0ec666e5e81b56e2ac9e26a39b81717530a813f7b25e2a23e6617d10
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1fe93ef7c7244ed265ba2cfef454eaa57707f2e7649525598608b307a2a22aa5
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
239fd6b53992199974e023c2c7ae7a4626a48b3304ebeef6c1fe5f9caa588eeb
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
25043f0ac8c28d57cf2ba5f532ed045d8b3b4b1f9a7ac61f269f73f6947e7348
2a5cdaaafdd666defd7fcbd82a10bdbf6ef1ad0623a795e8a1402453891eac94
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f
2c2cd2a4097f44833817993ded2514b688066ac86d87a1e59a6b6f5369c15cfb
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
321c357d2ef884ed986f10b63d476fd7b592d08852a193e4bf903b834487d1c3
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36d10a43fad248c5126a4b5589b9e697aee9265ce3a0ea229126b824a8467fb5
388e0a43a809b37d3d3b47e7eb660c8c60af3144be50c7b0421ad122e37a82ac
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
413bce37a2afdeee4cc57e811c677459f10e3472c9027614c01f22ca8726416e
424b90ab7daad02dadd1797491125bab4c5902c4747d43c501df2173533fa31c
4479a3c8e531c5ba203d2cb09ed33576bf0c9538060449362c1b5fae10093c4c
45fbdad0412ebdbc836f5eeed2ed8adf4e26aa2b612518fbf9cf29c5b83cfc19
4734ad6d0381c5320a9bd48cc2669cd768babe44676e6a18caea1151b6edc52e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
499302acd5a80c005dd28102f29db54436f9fca5936bcd093220191216bfe985
4a880ca860b0dfd58886aeb5566f01ed3e6824f4223c98c6bf839d1196047c42
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f8d2a6e05e78ab51e90bca14a36881df1015f9adc3d02f01e57801974e38c69
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
513921e3d35b1482c5af60dd2dd192ec8ae2ac619e4b1cc0a2e6c5b516e16cc5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5b81b750507ab94aef64cd486674a0ee0e9badcaeda0cb008fe2b3f893a8fdbb
5be8e095e2fd0837f7ceefffaf25b2aa3579180714c27f2d9cacfb0cc9f87872
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65994e8ef6076d835a1d0f2a07e9ddf0302fcbb9b5d82cc3dd555c56a8284b9d
66618420950886ffdf8e775e36af9a25f6a7947dd5f8ed64a1c135ed66cfc84b
68660829c68d05798c956885de4aa5ad8cfbb5033a210db9f040ad53ab9a22f1
69132eb2f05e13a4c63a410722925db45aee5c05b3cb792fcb602e890ee69860
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d454836811751ba1e4aab9a00ef8a5655eb2d7989ab14ca4ba199704ae11e25
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
82c6cfdc7f7b4e2e904632e678a076294d71741b41f06b069b1b07568b02e355
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8d22341f68e20d3487a0f5ddb61f01a9303fd39b6025b0a9a4eb2ed7350bf442
9036f94411f6c5eb8375cb731ff8040782f1471458d9a3ecaf8d1df7394e23bf
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06b2069a29e8ec11194fafb2d80577880568e27d910e6eaa67e712a90fbb9bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7559aa64aa435861fe8fa1cdd7e76abcaad57fe9661538f0e2296012919c854
a7f67375c863a6e285f7d0edde658c0e39c39cf8b6976532923f8e0b41732bff
a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5592fb740954d5a92e2c24d18ddc4af2e53d42da3ad30e2a44c793d49a45f69
b6c5a8b45422bfaddda28442f8feedacd45d6c3707272a9246add185ad07213e
b81f6b545c07296b3441ad22cf90d5211e1df73068b84bdda5d5bdff722e647a
c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c74b6a7ddaa46adf2d3cef213caac468c8c448fa5161a8466ecaaa44d61272f3
cea22d911e92222dbfede091756ddef209ca86a941285df534ee94e93fd31e3e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b05b9ba1f6295cc898a0bdaf91f9922c21043a3fd13e10a17a0c031b72e081
d53647f039159281615350ac2327ceedd338d3ce02eabb8201959fe577e26037
d64e186a7bed2335504df681caafd2464b412fdedad38bb645fc6926508e6665
d9fcc045f43efd550956fa78c5dc68a63fc5e04fbaa5edab5905c5c34b9890f1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed
dfd1b4c75d3f6e21151d1b6b90e5a134e249edaf6587d1b15a03118109a0b516
e1f615c202511439b3122abe5f8cd06947493e6a4ca03b6f4ac1fd46814e30ba
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ebc36d5676987302c33127c7e5196d5f4f5ee5bdd69f952b96d0d2752514fbef
ee1c9d86286d4272cbd75b5a9dfc97bcf50d7abf1a976b3341b89c008228a18a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41e7913223581ed5ae91c9d43c6c9acba78bee7879f64515d585f32424c5e7f
f7fc64440f3353cb63c713aa3271fd0850688ef47bb855d8533d103754811c15
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
fcb2eb37a2240657d1f93d3f0c1223be7c8d3269a7474fa43996447c88a3ec0b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

gramhir.com Open in urlscan Pro 2606:4700:20::ac43:46b7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

81 %HTTPS

30 %IPv6

66 Domains

96 Subdomains

60 IPs

12 Countries

1793 kBTransfer

4919 kBSize

103 Cookies

1 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gramhir.com Open in urlscan Pro
2606:4700:20::ac43:46b7 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

81 %
HTTPS

30 %
IPv6

66
Domains

96
Subdomains

60
IPs

12
Countries

1793 kB
Transfer

4919 kB
Size

103
Cookies

188 HTTP transactions
1 data transactions