user1.klaymanaria.ga Open in urlscan Pro
2606:4700:3033::ac43:8a74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user1.klaymanaria.ga/
Submission: On February 24 via automatic, source certstream-suspicious (February 24th 2023, 7:36:49 pm UTC) — Scanned from DE

Summary HTTP 162 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 58 IPs in 8 countries across 64 domains to perform 162 HTTP transactions. The main IP is 2606:4700:3033::ac43:8a74, located in United States and belongs to CLOUDFLARENET, US. The main domain is user1.klaymanaria.ga.
TLS certificate: Issued by E1 on January 8th 2023. Valid for: 3 months.

This is the only time user1.klaymanaria.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3033::ac43:8a74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a02:26f0:10e... 2a02:26f0:10e::6860:5b69	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2a04:4e42::731 2a04:4e42::731	54113 (FASTLY) (FASTLY)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6813:bb61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1 4	95.101.23.64 95.101.23.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.5.92.241 52.5.92.241	14618 (AMAZON-AES) (AMAZON-AES)
1	3.208.202.151 3.208.202.151	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.191.98 13.224.191.98	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	54.243.216.36 54.243.216.36	14618 (AMAZON-AES) (AMAZON-AES)
1	184.29.200.118 184.29.200.118	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.243.19.114 34.243.19.114	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
10	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2 6	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
5	52.58.138.83 52.58.138.83	16509 (AMAZON-02) (AMAZON-02)
12	34.249.209.209 34.249.209.209	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.77 185.64.190.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.147.40 18.66.147.40	16509 (AMAZON-02) (AMAZON-02)
6	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.253.68.108 34.253.68.108	16509 (AMAZON-02) (AMAZON-02)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 5	185.86.139.94 185.86.139.94	() ()
2 2	23.2.211.147 23.2.211.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:a800:1f:4c18:bd40:93a1	() ()
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	216.52.2.39 216.52.2.39	() ()
4 4	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	46.228.164.11 46.228.164.11	() ()
1 1	193.0.160.130 193.0.160.130	() ()
1	69.166.1.12 69.166.1.12	() ()
1 1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
4 4	18.156.0.31 18.156.0.31	() ()
1 1	3.209.243.37 3.209.243.37	() ()
1	52.28.36.30 52.28.36.30	() ()
4 4	69.173.144.139 69.173.144.139	() ()
7 10	142.251.208.162 142.251.208.162	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 4	52.46.128.147 52.46.128.147	() ()
1 2	52.94.222.140 52.94.222.140	() ()
1 3	2a05:d018:d29... 2a05:d018:d29:3602:2bd9:9049:1377:8ebc	() ()
3	69.173.144.138 69.173.144.138	() ()
3	15.197.193.217 15.197.193.217	() ()
1 1	37.252.171.53 37.252.171.53	() ()
14	34.247.205.196 34.247.205.196	() ()
6 6	52.28.194.209 52.28.194.209	() ()
2 2	3.120.67.15 3.120.67.15	() ()
1 1	54.221.12.17 54.221.12.17	() ()
1 1	34.235.231.136 34.235.231.136	() ()
1	2603:c020:400... 2603:c020:400d:3000:385:a458:2098:ba6f	() ()
1	38.91.45.7 38.91.45.7	() ()
2 2	64.74.236.127 64.74.236.127	() ()
2 2	34.246.74.92 34.246.74.92	() ()
1 1	198.148.27.139 198.148.27.139	() ()
1 2	185.80.39.216 185.80.39.216	() ()
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:c6ce:33c1:7eb8:baae	() ()
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	() ()
1	104.18.25.185 104.18.25.185	() ()
1	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
1 1	185.29.134.248 185.29.134.248	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1 1	80.77.87.166 80.77.87.166	() ()
2 2	185.184.8.90 185.184.8.90	() ()
2 2	35.210.53.219 35.210.53.219	() ()
2 2	162.19.80.91 162.19.80.91	() ()
1 1	185.183.112.155 185.183.112.155	() ()
162	58

3 2606:4700:3033::ac43:8a74 (United States)

ASN13335 (CLOUDFLARENET, US)

user1.klaymanaria.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10e::6860:5b69 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

zdstatic.speedtest.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a04:4e42::731 (United States)

ASN54113 (FASTLY, US)

b.cdnst.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.23.64 (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-64.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.92.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-92-241.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.202.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-202-151.compute-1.amazonaws.com

gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-98.fra2.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.216.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-216-36.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.200.118 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-200-118.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.19.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-19-114.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.24.185 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ookla-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.138.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.249.209.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-40.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.68.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-68-108.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.139.94 (None, ) 1 redirects

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.2.211.147 (Amsterdam, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-211-147.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a800:1f:4c18:bd40:93a1 (None, )

ASN- ()

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.45 (Castricum, Netherlands) 4 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (None, ) 4 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.243.37 (None, ) 1 redirects

ASN- ()

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.36.30 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.208.162 (None, ) 7 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.128.147 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.222.140 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:2bd9:9049:1377:8ebc (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.53 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.247.205.196 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.194.209 (None, ) 6 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.67.15 (None, ) 2 redirects

ASN- ()

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.12.17 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.231.136 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:385:a458:2098:ba6f (None, )

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (None, )

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.127 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.74.92 (None, ) 2 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (None, ) 1 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:c6ce:33c1:7eb8:baae (None, )

ASN- ()

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (None, ) 1 redirects

ASN- ()

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN- ()

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.166 (None, ) 1 redirects

ASN- ()

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (None, ) 2 redirects

ASN- ()

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.80.91 (None, ) 2 redirects

ASN- ()

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (None, ) 1 redirects

ASN- ()

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 eus.rubiconproject.com — Cisco Umbrella Rank: 533 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 844 token.rubiconproject.com pixel.rubiconproject.com pixel-us-east.rubiconproject.com Failed	38 KB
17	yahoo.com 5 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834 ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
16	cdnst.net b.cdnst.net — Cisco Umbrella Rank: 44745	1 MB
15	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1394 usersync.gumgum.com	5 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1867 public.servenobid.com — Cisco Umbrella Rank: 3616	9 KB
13	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net	159 KB
10	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476 s.amazon-adsystem.com aax-eu.amazon-adsystem.com	55 KB
9	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431 dsum-sec.casalemedia.com dsum.casalemedia.com	6 KB
8	zdbb.net 1 redirects cdn.static.zdbb.net — Cisco Umbrella Rank: 16334 gurgle.zdbb.net — Cisco Umbrella Rank: 21711 jogger.zdbb.net — Cisco Umbrella Rank: 17303 zdbb.net — Cisco Umbrella Rank: 11100	32 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 372	136 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 948 match.sharethrough.com	836 B
6	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 457 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 447 image6.pubmatic.com — Cisco Umbrella Rank: 725	96 KB
5	smartadserver.com 1 redirects ssbsync.smartadserver.com rtb-csync.smartadserver.com	2 KB
4	openx.net 2 redirects ookla-d.openx.net — Cisco Umbrella Rank: 48272 u.openx.net — Cisco Umbrella Rank: 621 us-u.openx.net	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	66 KB
3	adsrvr.org match.adsrvr.org	793 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 510	2 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 869 ap.lijit.com	2 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com	3 KB
3	klaymanaria.ga user1.klaymanaria.ga	50 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	1 KB
2	admedo.com 2 redirects pool.admedo.com	759 B
2	creativecdn.com 2 redirects creativecdn.com	701 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	645 B
2	360yield.com 2 redirects ad.360yield.com	625 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 494	1022 B
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 673	451 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	163 KB
2	speedtest.net 1 redirects zdstatic.speedtest.net — Cisco Umbrella Rank: 52613	16 KB
1	adotmob.com 1 redirects sync.adotmob.com	712 B
1	admanmedia.com 1 redirects cs.admanmedia.com	660 B
1	mathtag.com 1 redirects sync.mathtag.com	660 B
1	ad4m.at ad4m.at
1	dotomi.com 1 redirects casale-match.dotomi.com	182 B
1	adroll.com d.adroll.com	181 B
1	contextweb.com 1 redirects bh.contextweb.com	550 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	580 B
1	linkedin.com px.ads.linkedin.com	649 B
1	disqus.com 1 redirects ssp.disqus.com	275 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 918	191 B
1	sonobi.com sync.go.sonobi.com	500 B
1	rfihub.com 1 redirects p.rfihub.com	735 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	465 B
1	turn.com 1 redirects ad.turn.com	434 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1626	160 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com	485 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608	2 KB
1	adnxs-simple.com ib.adnxs-simple.com — Cisco Umbrella Rank: 9197	835 B
1	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 2154	405 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4365	16 KB
1	ziffstatic.com cdn.ziffstatic.com — Cisco Umbrella Rank: 17908	95 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 912	17 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 669	331 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 603	295 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	26 KB
0	adform.net Failed dmp.adform.net Failed
0	outbrain.com Failed sync.outbrain.com Failed
162	64

	Domain	Requested by
16	b.cdnst.net	user1.klaymanaria.ga b.cdnst.net
14	usersync.gumgum.com	g2.gumgum.com
12	ads.servenobid.com	b.cdnst.net public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
10	cm.g.doubleclick.net	7 redirects g2.gumgum.com
10	c2shb.pubgw.yahoo.com	b.cdnst.net
7	cdn.cookielaw.org	zdstatic.speedtest.net cdn.ziffstatic.com
6	x.bidswitch.net	6 redirects
6	eus.rubiconproject.com	b.cdnst.net public.servenobid.com eus.rubiconproject.com g2.gumgum.com
5	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com public.servenobid.com ssum-sec.casalemedia.com
5	btlr.sharethrough.com	b.cdnst.net
5	fastlane.rubiconproject.com	b.cdnst.net
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	token.rubiconproject.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	cdn.static.zdbb.net	1 redirects user1.klaymanaria.ga cdn.static.zdbb.net
4	ads.pubmatic.com	user1.klaymanaria.ga b.cdnst.net public.servenobid.com g2.gumgum.com
3	rtb-csync.smartadserver.com	ssbsync.smartadserver.com
3	match.adsrvr.org	ssum-sec.casalemedia.com g2.gumgum.com
3	pixel.rubiconproject.com	g2.gumgum.com
3	pr-bh.ybp.yahoo.com	1 redirects g2.gumgum.com ssum-sec.casalemedia.com
3	sync.1rx.io	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	b.cdnst.net www.googletagservices.com
3	c.amazon-adsystem.com	b.cdnst.net c.amazon-adsystem.com
3	user1.klaymanaria.ga	user1.klaymanaria.ga b.cdnst.net
2	gu.dyntrk.com	2 redirects
2	pool.admedo.com	2 redirects
2	creativecdn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	us-u.openx.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects
2	ce.lijit.com	2 redirects
2	ib.adnxs.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	stags.bluekai.com	1 redirects tags.bkrtx.com
2	zdbb.net	cdn.static.zdbb.net
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	www.googletagmanager.com	user1.klaymanaria.ga www.googletagmanager.com
2	zdstatic.speedtest.net	1 redirects user1.klaymanaria.ga
1	sync.adotmob.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	bh.contextweb.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	px.ads.linkedin.com
1	match.sharethrough.com	public.servenobid.com
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	ap.lijit.com	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	onetag-sys.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	image6.pubmatic.com	ads.pubmatic.com
1	js-sec.indexww.com	b.cdnst.net
1	u.openx.net	b.cdnst.net
1	public.servenobid.com	b.cdnst.net
1	hbopenbid.pubmatic.com	b.cdnst.net
1	ib.adnxs-simple.com	b.cdnst.net
1	ookla-d.openx.net	b.cdnst.net
1	htlb.casalemedia.com	b.cdnst.net
1	cdn.krxd.net	cdn.static.zdbb.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	region1.google-analytics.com	www.googletagmanager.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	gurgle.zdbb.net	cdn.static.zdbb.net
1	cdn.ziffstatic.com	zdstatic.speedtest.net
1	cdn.id5-sync.com	user1.klaymanaria.ga
1	trc.taboola.com	user1.klaymanaria.ga
1	geolocation.onetrust.com	zdstatic.speedtest.net
1	www.googletagservices.com	user1.klaymanaria.ga
0	pixel-us-east.rubiconproject.com Failed	public.servenobid.com
0	dmp.adform.net Failed	ssbsync.smartadserver.com
0	sync.outbrain.com Failed	g2.gumgum.com
162	92

This site contains links to these domains. Also see Links.

Domain
www.ookla.com
downdetector.com
www.speedtest.net
www.microsoft.com
install.speedtest.net
twitter.com
www.facebook.com
single.speedtest.net
www.ziffdavis.com
www.ign.com
www.pcmag.com
www.extremetech.com
www.geek.com
www.toolbox.com
www.askmen.com
www.offers.com
www.blackwomentalktech.com
www.empoweronyx.com
www.cxmmunity.co
status.ookla.com

Subject Issuer	Validity	Valid
*.klaymanaria.ga E1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.speedtest.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-19` - `2023-08-20`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.zdbb.net Amazon RSA 2048 M02	`2023-02-21` - `2023-05-04`	2 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-17`	a year	crt.sh
zdbb.net Amazon RSA 2048 M02	`2023-02-10` - `2024-01-25`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2022-02-25` - `2023-03-28`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
ads.servenobid.com Amazon RSA 2048 M02	`2023-02-09` - `2023-06-27`	5 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.servenobid.com Amazon	`2023-01-07` - `2024-02-05`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.minutemedia-prebid.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://user1.klaymanaria.ga/
Frame ID: 459B082EC0A2EC7FC99FEC01AEF53431
Requests: 81 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Duser1.klaymanaria.ga&phint=referer%3Dhttps%3A%2F%2Fuser1.klaymanaria.ga%2F&phint=bbseg%3D6848&phint=bbseg%3D6834&phint=bbseg%3D6837&phint=bbseg%3D6823&phint=__bk_t%3DSpeedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&phint=__bk_k%3Dookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeed%20test%2Cbandwidth%20speed%20test%2Cinternet%20speed%20test%2Cbroadband%20speed%20test%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&phint=__bk_l%3Dhttps%3A%2F%2Fuser1.klaymanaria.ga%2F&phint=__bk_v%3D3.1.10&limit=10&r=83573239
Frame ID: DF95685374E1FBE23E1A4A9EF65AF233
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?usp_consent=1---
Frame ID: C5900E89CEDC302A3A6C23E6DAC5A2FB
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 9853C1FDF794E2771A190E2A8D4E205B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159017&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: BFD2F00B66DACABA09E648A33562007F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
Frame ID: 15AC2878C73DA401E2C92B359E23A956
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 91A57958E7CF3BD62D18361920AE3707
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPnr-wAPnr-wAAcABBENC5CgAAAAAH_AACiQAAASbAJMNW4gC7MscGbaMIoEQIwrCQqgUAFFAMLRAYQOrgp2VwE-sIkACAUATgRAhwBRgwCAAASAJCIgJAjwQCAAiAQAAgAVCIQAMbAILACwMAgAFANCxRigCECQgyICIpTAgKkSCgnsqEEoP9DTCEOssAKDR_xUICNZAxWBEJCwchwRICXiyQPMUb5ACMAKAUSoVqKT00AA.YAAAD_gAAAAA&d=https%3A%2F%2Fuser1.klaymanaria.ga%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1ECB644022A4AC4E423B60A58895CBC2
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: BC66D88E775C6E291E0C93EB0C11679D
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 2205FC29C83D4083C27DD189A2F57F0E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: C25DA83F407C38F6D32472021CEB189A
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 0443E38E6D8AA41FFB4D8747D1734F56
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 263E5C85F51A3B5F81EECB810DB6C690
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: F479E2590769802FD1E7EF8D02D31043
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: A0E9BDF56D2DD1C4E85A8C931D5F6D99
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Frame ID: 09C088BF7074DFCF209E2DBE29F40EA6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=47b863f9-11d1-4900-8c4b-eb698fbba836&gdpr=0&gdpr_consent=
Frame ID: C802F7F91E76EA6EA5372E1294F703CF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y-kR0QAJmhNbLQAF&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF
Frame ID: C224F8E71B2F0E9617D0B22738971DF9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: E26C04ACAFDDE4B22241ECA179533197
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0D5513CBA168D7DF08C8240E6AF6D60B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: A3A9C3E809478E0C12C0D519BEFC5EB6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y-kR0cCo8YQAAPPtCsYAAAAA
Frame ID: 1D050871EE8C6BF69D6183B38024D130
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c3d3089b-f06d-4531-a58e-a702c4dbeca8
Frame ID: 646AEC5CB0C073B5730CA44E470EA50A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y-kR0KTZOd0CG7fvc5kVMQAA%261130
Frame ID: DC24ABF15F5EDD52E3239E298F3E7874
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=UdznrocmtP6SZuBBQJbd&pi=gumgum&tc=1
Frame ID: F09EFE03893E0FD5B472CF59DF45302B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: A37C51321A3C3B5AACDA51CE5B4AF0AA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Speedtest by Ookla - The Global Broadband Speed Test

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

162
Requests

76 %
HTTPS

24 %
IPv6

64
Domains

92
Subdomains

58
IPs

8
Countries

2411 kB
Transfer

7469 kB
Size

21
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ookla.com/analysis
Title: Analysis

Search URL Search Domain Scan URL

URL: https://www.ookla.com/articles
Title: Articles

Search URL Search Domain Scan URL

URL: https://www.ookla.com/network
Title: Network

Search URL Search Domain Scan URL

URL: https://www.ookla.com/enterprise
Title: Enterprise

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-intelligence
Title: Speedtest Intelligence

Search URL Search Domain Scan URL

URL: https://www.ookla.com/cell-analytics
Title: Cell Analytics

Search URL Search Domain Scan URL

URL: https://www.ookla.com/wind
Title: Ookla Wind

Search URL Search Domain Scan URL

URL: https://www.ookla.com/spatialbuzz
Title: Spatialbuzz

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-powered
Title: Speedtest Powered

Search URL Search Domain Scan URL

URL: https://www.ookla.com/gis-datasets
Title: GIS Datasets

Search URL Search Domain Scan URL

URL: https://www.ookla.com/speedtest-custom
Title: Speedtest Custom

Search URL Search Domain Scan URL

URL: https://www.ookla.com/cell-maps
Title: Cell Maps

Search URL Search Domain Scan URL

URL: https://www.ookla.com/tower-source
Title: Tower Source

Search URL Search Domain Scan URL

URL: https://www.ookla.com/map-elements
Title: Map Elements

Search URL Search Domain Scan URL

URL: https://www.ookla.com/partnerships
Title: Partners & Programs

Search URL Search Domain Scan URL

URL: https://downdetector.com/enterprise/
Title: Downdetector Enterprise

Search URL Search Domain Scan URL

URL: https://www.ookla.com/about/press
Title: Press

Search URL Search Domain Scan URL

URL: https://www.ookla.com/about/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.speedtest.net/login
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/p/speedtest-by-ookla/9nblggh4z1jc

Search URL Search Domain Scan URL

URL: https://install.speedtest.net/app/windows/latest/speedtestbyookla_x64.msi
Title: 64-bit

Search URL Search Domain Scan URL

URL: https://install.speedtest.net/app/windows/latest/speedtestbyookla_x86.msi
Title: 32-bit

Search URL Search Domain Scan URL

URL: https://twitter.com/speedtest
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/speedtest
Title: Facebook

Search URL Search Domain Scan URL

URL: https://single.speedtest.net/
Title: Single Connection Test

Search URL Search Domain Scan URL

URL: https://downdetector.com/
Title: Downdetector®

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/cookie-policy
Title: Cookie Policy.

Search URL Search Domain Scan URL

URL: https://www.ookla.com/

Search URL Search Domain Scan URL

URL: https://www.ookla.com/ookla-for-good
Title: Ookla for Good

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/
Title: Ziff Davis

Search URL Search Domain Scan URL

URL: https://www.ign.com/
Title: IGN

Search URL Search Domain Scan URL

URL: https://www.pcmag.com/
Title: PCMag

Search URL Search Domain Scan URL

URL: https://www.extremetech.com/
Title: ExtremeTech

Search URL Search Domain Scan URL

URL: https://www.geek.com/
Title: Geek

Search URL Search Domain Scan URL

URL: https://www.toolbox.com/
Title: Toolbox

Search URL Search Domain Scan URL

URL: https://www.askmen.com/
Title: AskMen

Search URL Search Domain Scan URL

URL: https://www.offers.com/
Title: Offers.com

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/general/group-black-and-ziff-davis-partner-to-amplify-and-scale-black-voices-in-media

Search URL Search Domain Scan URL

URL: https://www.blackwomentalktech.com/our-perspective
Title: BlackWomenTalkTech

Search URL Search Domain Scan URL

URL: https://www.empoweronyx.com/
Title: Empower Onyx

Search URL Search Domain Scan URL

URL: https://www.cxmmunity.co/
Title: Cxmmunity

Search URL Search Domain Scan URL

URL: https://status.ookla.com/
Title: Network Status

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/privacy-policy
Title: Our Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://zdstatic.speedtest.net/jst/zdconsent.js HTTP 302
https://zdstatic.speedtest.net/jst/zdconsent_eu.js

Request Chain 33

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 97

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 102

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=4472121478697305786

Request Chain 103

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=GNjYrRZHXBsMgg8GTaObKgH_

Request Chain 105

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1677267408895 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8240627133 HTTP 302
https://sync.1rx.io/usersync/turn/4013456029012047109?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-abf24480-aba5-4c95-b441-e47f28958366-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-abf24480-aba5-4c95-b441-e47f28958366-003 HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-abf24480-aba5-4c95-b441-e47f28958366-003

Request Chain 106

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5124322325179478603

Request Chain 108

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=213c55d6-96ea-4e90-b5ae-15e6b34b3364&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 109

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A

Request Chain 110

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-e518a0be-9775-368b-9713-a4e5f7e7c28a

Request Chain 111

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A

Request Chain 114

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzdmYTU1YjUyMjNhMTJjMzI4M2MyYTc1YzI2OGU3ZmIzMTk4M2RhMw&gdpr=1&us_privacy=1---

Request Chain 115

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJWFBHSEctUi1MTlRP&gdpr=1&us_privacy=1---

Request Chain 116

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIXPGHG-R-LNTO&gdpr=1&us_privacy=1---

Request Chain 117

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 118

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 119

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/DU0uLMsFRJNn54sTo1Xmkw?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cza_sVRE2oLvgHkHS6qedJi0sj_sjckaKr9wGg--~A

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJojveSGOvGTuMsr3NiMl4s&google_cver=1

Request Chain 123

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=4472121478697305786

Request Chain 124

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3998f26e-3c30-4353-a1e1-697cf5387c37&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3998f26e-3c30-4353-a1e1-697cf5387c37&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f8aa452d-1072-4897-8907-3a74db36eae5&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=37b4c294-a332-4c7c-be60-97426e349e05

Request Chain 125

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ezQbHf4aPXQyykrcmPl0k35Zhv8YLofiV5QuN-yTk4Nwd7CprIK5kpr8QI0OiBqB%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ezQbHf4aPXQyykrcmPl0k35Zhv8YLofiV5QuN-yTk4Nwd7CprIK5kpr8QI0OiBqB%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3998f26e-3c30-4353-a1e1-697cf5387c37&obuid=ENC(ezQbHf4aPXQyykrcmPl0k35Zhv8YLofiV5QuN-yTk4Nwd7CprIK5kpr8QI0OiBqB) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7203808668329572498&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING

Request Chain 126

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=1fc79a2b-c4e5-46b1-8dab-6c80c41848c8

Request Chain 127

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-b4973b8f-cd61-4ce5-6498-1d679e92e5b6$ip$80.255.7.106

Request Chain 129

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=3e28dbe2-5393-46f2-9c08-0a4aaf42e94e

Request Chain 132

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3998f26e-3c30-4353-a1e1-697cf5387c37&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=K7_V9Vehvrh5GqbUvYKo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SZXL5LDSVTFNB3HE2BVI5YWEVLWLFFW6JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SZXL5LDSVTFNB3HE2BVI5YWEVLWLFFW6JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=K7_V9Vehvrh5GqbUvYKo&us_privacy=1---

Request Chain 133

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=f6e2fd8b-8448-4757-ac60-154d1bb0f28d

Request Chain 134

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=1XNGHqfug3ic&ev=1&pid=558355

Request Chain 135

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=2821273827148388468

Request Chain 138

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&dcc=t

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC_E6LgX-VjxwY1wHdfeUL4&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-kR0KTZOd0CG7fvc5kVMQAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y-kR0KTZOd0CG7fvc5kVMQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO6qeyGJFmdosDwJUcqBAUM&google_cver=1

Request Chain 143

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1677353809

Request Chain 146

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=47b863f9-11d1-4900-8c4b-eb698fbba836&gdpr=0&gdpr_consent=

Request Chain 147

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Y-kR0QAJmhNbLQAF&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 151

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Y-kR0cCo8YQAAPPtCsYAAAAA

Request Chain 152

https://cs.admanmedia.com/sync/gumgum?puid=e_3998f26e-3c30-4353-a1e1-697cf5387c37&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=c3d3089b-f06d-4531-a58e-a702c4dbeca8

Request Chain 153

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=Y-kR0KTZOd0CG7fvc5kVMQAA%261130

Request Chain 154

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=UdznrocmtP6SZuBBQJbd&pi=gumgum&tc=1

Request Chain 155

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 157

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=896573dc-8656-44b7-9225-86a25c754b76 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=896573dc-8656-44b7-9225-86a25c754b76 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=845b5927-581b-49c4-8906-be3b8432dcf5&user_group=1&ssp=smartadserver&bsw_param=896573dc-8656-44b7-9225-86a25c754b76 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=37b4c294-a332-4c7c-be60-97426e349e05&gdpr=&gdpr_consent=

Request Chain 158

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGcwNHlJdUphRVJiUmFlLTREbDdXelRrSUEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGcwNHlJdUphRVJiUmFlLTREbDdXelRrSUEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESELMuUMOl04QEwnOEo3hEy7c&google_cver=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGcwNHlJdUphRVJiUmFlLTREbDdXelRrSUEiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=

Request Chain 159

https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03010003_63f911d132fef&knw= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_63f911d132fef&gdpr=0&gdpr_consent=

Request Chain 160

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08c5220403db3e3b92b22ad2&gdpr=0&gdpr_consent=

162 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user1.klaymanaria.ga/ 117 KB
34 KB 271ms
152ms Document
text/html 2606:4700:3033::ac43:8a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8a74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfae189ce74bb534dd50567f3da978f4aae4cd88c18e447cabb2df940027b6c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 79eaa6d2eff9995c-FRA
content-encoding: br
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 19:36:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ze500S1mF3W7cU18gfOJmb75J4icI%2F9j57E%2FRBKQQSkTCCK7koOVENEPj4lsD9FahjtULztnfdo68Z4dDkqaxMA8KOVWmaScqCfVUARgzuvQoySFZU24%2FpUSFs8c%2B3ukGm5cZeWDeFNWVs4FIpb3yWaOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
x-frame-options: DENY

GET
H2

200

zdconsent_eu.js Show response
zdstatic.speedtest.net/jst/
Redirect Chain

https://zdstatic.speedtest.net/jst/zdconsent.js
https://zdstatic.speedtest.net/jst/zdconsent_eu.js

40 KB
16 KB

69ms
69ms

Script
application/javascript

2a02:26f0:10e::6860:5b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://zdstatic.speedtest.net/jst/zdconsent_eu.js
Requested by: Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/
Protocol: H2
Server: 2a02:26f0:10e::6860:5b69 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6102da2d165fd177ec0f386f9ca80527f3a372a288c3a02ec103395b91368587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 15:51:37 GMT
etag: "127f40ebd90ab4df755efb4d06eed1bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2136
accept-ranges: bytes
content-length: 15682
expires: Fri, 24 Feb 2023 20:12:19 GMT

Redirect headers

location: https://zdstatic.speedtest.net/jst/zdconsent_eu.js
date: Fri, 24 Feb 2023 19:36:43 GMT
cache-control: max-age=0
content-length: 0
expires: Fri, 24 Feb 2023 19:36:43 GMT

GET
H2 200 HCo_fonts.css
b.cdnst.net/fonts/ 144 KB
109 KB 151ms
40ms Stylesheet
text/css 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/fonts/HCo_fonts.css

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a53537e14de571320c27235939e4eabba481cbddcb481e90683af387ffb74b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:42 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"24005-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 111462

GET
H2 200 main.a272578758de0452a2dda11a5ad32a75.css
b.cdnst.net/styles/ 138 KB
23 KB 152ms
41ms Stylesheet
text/css 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/styles/main.a272578758de0452a2dda11a5ad32a75.css

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c57b246f1cd855d76bb369c7a51311057ea093a6e9aa830837f9ca907877507a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:42 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"229bf-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 23635

GET
H2 200 amazon.js Show response
b.cdnst.net/javascript/ 551 B
405 B 233ms
122ms Script
application/javascript 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/amazon.js

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:42 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"227-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 326

GET
H2 200 ad.js Show response
b.cdnst.net/javascript/ads/ 25 B
95 B 233ms
123ms Script
application/javascript 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/ads/ad.js

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:42 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"19-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 45

GET
H2 200 groupblack-white_on_black-1x.png
b.cdnst.net/images/group-black/ 2 KB
2 KB 103ms
103ms Image
image/png 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/group-black/groupblack-white_on_black-1x.png

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b76abca4ceaaf1788e86a4c3f6794567c085cb1b44220876d8953fcc3df0ac06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"75b-1862de3db68"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 1883

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159017/2865/ 253 KB
79 KB 227ms
52ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159017/2865/pwt.js
Requested by: Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 80a105cfda22bd7e95046125b6fcf8d8787d4f508c5cad418a8e9a95b89fde14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 24 Feb 2023 19:36:43 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:53:17 GMT
server: Apache
etag: "10e1230-3f41a-5c9c5d4a9bb4b"
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=146369
accept-ranges: bytes
content-length: 80189
expires: Sun, 26 Feb 2023 12:16:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 166ms
45ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/amazon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:17:13 GMT
content-encoding: gzip
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 21:42:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1171
x-amz-server-side-encryption: AES256
etag: W/"0d9f2b192f61b596888847da998647d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: q820yx4HtNLGj-hZknxNS6DL9RhuHdPv6xiU_4IQyk6JzASiX9QBQA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
86 KB 205ms
79ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33fa1a864abfad72fec6bfb434ac84382e2216690c838a1139c6d63bb07d5c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88098
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 19:36:43 GMT

GET
H2 200 speedtest-main.js Show response
b.cdnst.net/javascript/ 3 MB
837 KB 89ms
89ms Script
application/javascript 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/speedtest-main.js?v=92c3e30e910170041d7f51600e38d977

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f08bdefefea6012f58f7790c427222c5bd4f3bfe6b3fb95d68257665c7a08996

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 22:02:28 GMT
etag: W/"3137eb-1862de6d520"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 856407

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0e541744f676604437a82dbb6da707498b427560f66770bbbf1cc9e0871130

Request headers

Referer
Origin: https://user1.klaymanaria.ga
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET gaugemono-regular-webfont.woff2
b.cdnst.net/fonts/ 0
0

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 862eff8a57590f8e85dd621b011f688df35f8efea22f441abedef959721cc979

Request headers

Referer
Origin: https://user1.klaymanaria.ga
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 177ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26502
x-xss-protection: 0
server: sffe
etag: "1493 / 941 of 1000 / last-modified: 1677240773"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 19:36:43 GMT

GET
H2 200 prebid.6.18.0.min.js Show response
b.cdnst.net/javascript/ 273 KB
83 KB 81ms
81ms Script
application/javascript 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.cdnst.net/javascript/prebid.6.18.0.min.js

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8659462051d02c11a0ee6a3fd27dcd5bbc7c8ffe23954381d2e6b5fad5b2043c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"4422f-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 84764

GET
H2 200 2313e539-e056-4dac-9345-163805bd3684.json Show response
cdn.cookielaw.org/consent/2313e539-e056-4dac-9345-163805bd3684/ 4 KB
2 KB 197ms
96ms XHR
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2313e539-e056-4dac-9345-163805bd3684/2313e539-e056-4dac-9345-163805bd3684.json

Requested by

Host: zdstatic.speedtest.net
URL: https://zdstatic.speedtest.net/jst/zdconsent.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3cf52e4e1caef4422c1232737a61ab7ec3ff6fe8d853975691afebf272455a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: G9QmCIjnbxBRqquZsCgiPA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1691
x-ms-lease-status: unlocked
last-modified: Fri, 20 Jan 2023 20:35:30 GMT
server: cloudflare
etag: 0x8DAFB25DF931D06
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2b95f1dc-701e-013b-1987-48dced000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79eaa6d6fa97364d-FRA
expires: Sat, 25 Feb 2023 19:36:43 GMT

GET gaugemono-regular-webfont.woff
b.cdnst.net/fonts/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 508ms
426ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Dc8CdpYYzosb407edVJSepCIkMOob1L8U7Vytccb9fF9rreEXC-TxA==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 187ms
92ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: zdstatic.speedtest.net
URL: https://zdstatic.speedtest.net/jst/zdconsent.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 79eaa6da3c6e35fc-FRA
access-control-allow-headers: Content-Type

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 470 B
823 B 140ms
139ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3336&u=https%3A%2F%2Fuser1.klaymanaria.ga
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: fa105ab6dd5ec350f98f5d8b5862f43def0a0168c2d5b857c13bc224cca42a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://user1.klaymanaria.ga
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 470
x-amz-cf-id: BCC_l4jxv9kAJq-5-IMTZ0nWyN4QY-r7zgx85pgcPu9bJukxsaIy5g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 467ms
200ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=92c3e30e910170041d7f51600e38d977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26502
x-xss-protection: 0
server: sffe
etag: "1493 / 843 of 1000 / last-modified: 1677240773"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 19:36:44 GMT

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d815893ea34e5805c4cfb5e497b666f690fa80a5153bb757437bf6bfd3abb47c

Request headers

Referer
Origin: https://user1.klaymanaria.ga
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 gauge-gradient-dl-multi-web.png
b.cdnst.net/images/ 77 KB
77 KB 42ms
40ms Image
image/png 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-multi-web.png

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"132c5-1862de3db68"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 78533

GET
H2 200 gauge-gradient-ul-multi-web.png
b.cdnst.net/images/ 73 KB
73 KB 46ms
44ms Image
image/png 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-multi-web.png

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"12248-1862de3db68"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 74312

GET
H2 200 gauge-gradient-dl-single-web.png
b.cdnst.net/images/ 61 KB
61 KB 44ms
42ms Image
image/png 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-dl-single-web.png

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"f3d1-1862de3db68"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 62417

GET
H2 200 gauge-gradient-ul-single-web.png
b.cdnst.net/images/ 64 KB
64 KB 44ms
42ms Image
image/png 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/gauge-gradient-ul-single-web.png

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"ff47-1862de3db68"
x-frame-options: DENY
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 65351

GET
H2 200 English_get-it-from-MS_InvariantCulture_Default.png
user1.klaymanaria.ga/images/ 14 KB
15 KB 205ms
203ms Image
image/png 2606:4700:3033::ac43:8a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user1.klaymanaria.ga/images/English_get-it-from-MS_InvariantCulture_Default.png

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8a74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14457
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
server: cloudflare
etag: W/"3879-1862de3db68"
x-frame-options: DENY
vary: Origin, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHShc4INLC1BuvxcB8wbHDmWr2W4OrLAo9%2BU0Su7RwJzgGUnolBib1Wm39H%2FB6zWl7Uo%2FtliCBmMqJ%2BFI%2F%2Fb698ubtFOiDJCm7lx%2Fmkg58x9CYltZVAVvdV35yXnGTbyC0A8mvs%2BO9uifue9oXqmgeeMDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79eaa6da1b0b995c-FRA

GET
H2 200 ad-free-125x101-fade-anim-1x.gif
b.cdnst.net/images/ 10 KB
10 KB 43ms
42ms Image
image/gif 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/ad-free-125x101-fade-anim-1x.gif

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"266b-1862de3db68"
x-frame-options: DENY
content-type: image/gif
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 9835

GET
H2 200 icg_insights.svg
b.cdnst.net/images/ 1 KB
695 B 44ms
42ms Image
image/svg+xml 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_insights.svg

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d195a402297509314a9a38df1b8b94f627550aa13fc34aab675a749694e474e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"490-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 632

GET
H2 200 icg_globalindex.svg
b.cdnst.net/images/ 2 KB
905 B 44ms
43ms Image
image/svg+xml 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_globalindex.svg

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e928fd56eb75f5909d953d76a6ec33742a0e9a8cda68205437fa2786b5386752

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"80f-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 854

GET
H2 200 icg_5g.svg
b.cdnst.net/images/ 2 KB
1 KB 44ms
42ms Image
image/svg+xml 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_5g.svg

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f02165b5a4e05eceda936e58979a6f5befb2d879486d62f7c6e43060d5c920cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"8e9-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 1110

GET
H2 200 icg_enterprise.svg
b.cdnst.net/images/ 2 KB
550 B 46ms
45ms Image
image/svg+xml 2a04:4e42::731
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.cdnst.net/images/icg_enterprise.svg

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a04:4e42::731 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81f5051a7706193e4279d279605188a8af93b633d6255c6bb99007e8bca65c15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:43 GMT
last-modified: Tue, 07 Feb 2023 21:59:13 GMT
etag: W/"66c-1862de3db68"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 499

GET
H2 200 servers Show response
user1.klaymanaria.ga/api/js/ 3 KB
1 KB 233ms
233ms XHR
application/json 2606:4700:3033::ac43:8a74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://user1.klaymanaria.ga/api/js/servers?engine=js&limit=10&https_functional=true

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=92c3e30e910170041d7f51600e38d977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8a74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a76e64934373b1bfa852e9ee080310efe6290d8b20464f71e3a797b27e295b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6E%2F5O539spKUtHEJlNEmhBqE3aYZUNiFQzmDHq%2FBBEaf6dqNhAEQzptVUW8VgYeIEwr2bTG2HuV1r%2FIX2pN3E1rGvAEGMr%2FCarliVaDeKIk%2BqYbnLO9Ra9gwHt0n6dJUR2z1JdQjfA2Ct8f0rK98fMbcXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 79eaa6da4b4f995c-FRA
expires: Sat, 25 Feb 2023 19:36:43 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

104 KB
29 KB

46ms
45ms

Script
application/javascript

95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/
Protocol: H2
Server: 95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c4a3119f3084a154a562d30b830982c09d3df0a708dbdc406b8a8eee7407fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: G.uWnS85cu8wYNL7.cNZyxif8QXUkeEL
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:44 GMT
last-modified: Wed, 22 Feb 2023 21:16:26 GMT
x-amz-request-id: 82508ZJT30SJ76H2
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 29395
x-amz-id-2: 7HMGzrQlYSL4eaHjqYIGTD9i8TZ2Xbdb16JxWJNwmrhrEYUvZWrfCT0GdO+F/53b56sie0l0BE4=
expires: Sat, 25 Feb 2023 19:36:44 GMT

Redirect headers

location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
date: Fri, 24 Feb 2023 19:36:44 GMT
cache-control: max-age=86400
core-eu: Yes
content-length: 0
expires: Sat, 25 Feb 2023 19:36:44 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 117 KB
45 KB 292ms
77ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-MPW4L3J

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09fcb094d354dbbb24fcc018cab56592eeb14afa302293901f012b298e396171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 19:36:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 163ms
160ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b6781dd72a1cbe241193f368a262e201b0a36eeebe8df267aea265ee271b284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 19:36:43 GMT

GET
H2 204 unip
trc.taboola.com/1288978/log/3/ 0
331 B 234ms
50ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1288978/log/3/unip?en=SpeedTestViewContent&gtmcb=418340624
Requested by: Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230040-FRA
server: nginx
x-timer: S1677267404.088068,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 215ms
53ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 06:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 06:29:32 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
588 B 294ms
88ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=user1.klaymanaria.ga

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42f78c87adfa363463a6c1a6bc5a80dbeb1417055cef54ddb781acd6c33de3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
expires: Fri, 24 Feb 2023 19:36:44 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 240ms
47ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: user1.klaymanaria.ga
URL: https://user1.klaymanaria.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: XMKQ6KSH8HKY7JJG
age: 3223
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79eaa6dbcad490e8-FRA
x-amz-id-2: zyfwe6+90901ZTsTxPx7eCnckWPZj+mMay0EtfLu/gSY6W/taLioxUDvfUMTnWL3076e9oWw78XTfm7ueciqCg==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
451 B 117ms
117ms XHR
text/plain 52.5.92.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.92.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-92-241.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 24 Feb 2023 19:36:44 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 371ms
117ms Preflight 52.5.92.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.92.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-92-241.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user1.klaymanaria.ga
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 24 Feb 2023 19:36:44 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 otbannersdk.202301.1.0.js Show response
cdn.ziffstatic.com/jst/ 395 KB
95 KB 114ms
106ms Script
application/javascript 2a02:26f0:10e::6860:5b69
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js
Requested by: Host: zdstatic.speedtest.net
URL: https://zdstatic.speedtest.net/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e::6860:5b69 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 52f2b0b3ebd2111e72bcb744342d64df5ce8cd67bec5f63c4353ed98e26b0e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: LzmUTCNXnsyuqJi.gUzCmF7dYMOALzKO
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:44 GMT
last-modified: Fri, 20 Jan 2023 19:19:36 GMT
x-amz-request-id: YG31R2XGW8P0HP5Z
etag: "1634f060da9bac9ca30f83819e29401d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 96500
x-amz-id-2: 4AvFNkwz8Yby5wFwR6KjVjdqRr1C8mcG4sstiOPWp2Ejm5cno3O/jonA78kAnmqZRp1xazpvUxY=
expires: Sat, 25 Feb 2023 19:36:44 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/2313e539-e056-4dac-9345-163805bd3684/9ffc9c6b-f2bc-4c4d-9c8d-eadb136c53ad/ 271 KB
43 KB 86ms
86ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2313e539-e056-4dac-9345-163805bd3684/9ffc9c6b-f2bc-4c4d-9c8d-eadb136c53ad/en.json

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03aa4865cc7915fae0e067d2560cde403ceef2873a31dc210cef8a280b66c73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: NVm9bkThng7mTU4o+jLSWw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 43622
x-ms-lease-status: unlocked
last-modified: Fri, 20 Jan 2023 20:35:34 GMT
server: cloudflare
etag: 0x8DAFB25E1BEAB8D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4b95ccd0-f01e-00e2-0e87-483c94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79eaa6dc5aa8364d-FRA
expires: Sat, 25 Feb 2023 19:36:44 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 368 KB
53 KB 102ms
101ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a48aa40c4250549d94e857f51799512f160e05fe3d4bce0d1b5167ad5bcf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: R6Squ91xgGq5H8o0yEfTUw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 53663
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 19:32:45 GMT
server: cloudflare
etag: 0x8DB169DE77392CC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1e01df1a-201e-0123-1687-48f178000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79eaa6dc6aab364d-FRA

GET
H2 200 googleData.json Show response
cdn.cookielaw.org/vendorlist/ 59 KB
17 KB 102ms
101ms Fetch
application/x-javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/googleData.json

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b980f9cb212d8c5ddaf769642ff595637cfa7bdd37c12349d37d421bd29004e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: wUlJKwbZtNvxpb+LLCf0kw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 17000
x-ms-lease-status: unlocked
last-modified: Fri, 24 Feb 2023 19:32:45 GMT
server: cloudflare
etag: 0x8DB169DE789FD9C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 15b38ad5-301e-007c-5787-4845d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79eaa6dc6aac364d-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 68 KB
15 KB 136ms
54ms Script
application/javascript 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otTCF.js

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: k21cpyPt8DENjuKxthEwKw==
age: 27498
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:34 GMT
server: cloudflare
etag: 0x8DB14866A26175C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4407d926-a01e-00fa-2cb4-461101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79eaa6dcec929b7a-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 19:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1465
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 21:12:19 GMT

GET
H2 200 info Show response
gurgle.zdbb.net/ 266 B
484 B 376ms
119ms XHR
application/json 3.208.202.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fuser1.klaymanaria.ga%2F&fp=0&lcl_id=
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.202.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-202-151.compute-1.amazonaws.com
Software: /
Resource Hash: 2f5e89db61bfdddd699a3e335c8b3834ad5c423241630efbd84231215ef3daf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 266
access-control-allow-methods: GET, OPTIONS
content-type: application/json

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 214ms
76ms XHR
text/javascript 13.224.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3336&u=https%3A%2F%2Fuser1.klaymanaria.ga%2F&pid=1zanM6UqMf6qe&cb=0&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1591980299503-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_leaderboard%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1591980417879-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_skyscraper%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1591980440646-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1591980270785-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1591980370035-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_lowerboard%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.191.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-191-98.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: RKX60K0CQVPS4YPVT02K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _wLRc_Ys9_Cz2BF0SVQS2cc01Nz48sRxyAbIZn5OabKJG7_fQ_5f6A==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 136ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=45je32m0&_p=2108475925&gcs=G10-&cid=311404351.1677267404&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677267404&sct=1&seg=0&dl=https%3A%2F%2Fuser1.klaymanaria.ga%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&en=page_view&_fv=2&_nsi=1&_ss=1&ep.gtm_container=GTM-K7SNBZ&ep.gtm_version=249&ep.mobile_web_test=false&ep.hostname=https%3A%2F%2Fuser1.klaymanaria.ga&ep.adblock_status=False&ep.zdConsent_geoCC=&ep.zdConsent_consentGiven=false&ep.vpnUseDetected=false&epn.client_timestamp=1677267403881&up.user_type=anonymous&up.adFree=false&up.gaOptInStatus=false&up.googAdsOptInStatus=false&up._npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user1.klaymanaria.ga
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 9 KB
3 KB 89ms
89ms Fetch
application/json 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: Qf36WLKhcsAEEHSLiy9FSw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:29 GMT
server: cloudflare
etag: 0x8DB14866727C09A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0db6159d-801e-0047-8087-48078d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79eaa6de1d32364d-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 91ms
91ms Fetch
text/css 2606:4700::6813:bb61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/jst/otbannersdk.202301.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 19:36:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 09f84d2e-801e-0021-0187-48b5d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79eaa6de1d33364d-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 73ms
73ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2108475925&t=pageview&_s=1&dl=https%3A%2F%2Fuser1.klaymanaria.ga%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAICAGKg~&cid=311404351.1677267404&tid=UA-389482-3&_gid=1984507469.1677267405&_slc=1&gtm=45He32m0n71K7SNBZ&cd2=anonymous&cd3=anonymous&cd4=anonymous&cd15=False&cd16=249&cd17=GTM-K7SNBZ&cd22=https%3A%2F%2Fuser1.klaymanaria.ga&cd23=ST4&cd41=0&cd42=0&cd45=0&cd46=0&cd49=0&cd52=0&cd53=0&cd54=6&cd57=0&cd59=0&gcs=G10-&cd47=false&cd40=311404351.1677267404&cd51=pageview&npa=1&z=529738140&cd48=622

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user1.klaymanaria.ga
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
231 B 538ms
277ms XHR
text/plain 54.243.216.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fuser1.klaymanaria.ga%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.216.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-216-36.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=862325
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
805 B 45ms
45ms Script
application/javascript 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ZjsWaymqI4CzZDI0oZU1c7UA7q1IqQCG
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:44 GMT
last-modified: Wed, 22 Feb 2023 21:16:26 GMT
x-amz-request-id: 8256Q1EWAMX2BVDB
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 464
x-amz-id-2: pbzwDwppU18lLHurjrUTHZKMIRf1QQhblHamMPVBvJAeXuXxImnVt4jRbZQqhglP8d5xDnlOeH0=
expires: Fri, 03 Mar 2023 19:36:44 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 171ms
39ms Script
application/javascript 184.29.200.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.29.200.118 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-200-118.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 24 Feb 2023 19:36:44 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 03 Mar 2023 19:36:44 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
656 B 46ms
45ms Script
application/javascript 95.101.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.64 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-64.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: .q9uq5qsYPMXWmcDUds0iihgINzB3cW.
date: Fri, 24 Feb 2023 19:36:44 GMT
last-modified: Wed, 22 Feb 2023 21:16:25 GMT
x-amz-request-id: 8258RADCC02G3ZT6
x-amz-server-side-encryption: AES256
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-amz-id-2: UY1HduchPM2/6ARGhgWxy6XRz9y5PeljUZhB1lCDFW0CU+rqAuQ2sbbxwb06s/H3CBEWJPGfvJM=
expires: Sat, 25 Feb 2023 19:36:44 GMT

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
109 B 181ms
55ms Image
image/gif 34.243.19.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=e4272e89-b904-4681-a676-39715d1971ca&zd_session_id=06803d93-56aa-4cd5-a70d-54da7f11e0dc&zd_location=https%3A%2F%2Fuser1.klaymanaria.ga%2F&evidon_consent=undefined&third_party_consent=&fu=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.19.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-19-114.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:44 GMT
content-length: 43
content-type: image/gif

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
405 B 170ms
40ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 790
x-cache: MISS, HIT, HIT
x-app-cache: MISS
x-age: 0
content-length: 22
x-served-by: config-service-a005-ash-prod.krxd.net, cache-iad-kjyo7100110-IAD, cache-fra-eddf8230069-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1677267405.912151,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 33, 31

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 438ms
253ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://user1.klaymanaria.ga
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 24 Feb 2023 19:36:45 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 439ms
254ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://user1.klaymanaria.ga
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 24 Feb 2023 19:36:45 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 439ms
255ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://user1.klaymanaria.ga
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 24 Feb 2023 19:36:45 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 438ms
254ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://user1.klaymanaria.ga
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 24 Feb 2023 19:36:45 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 438ms
254ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://user1.klaymanaria.ga
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 24 Feb 2023 19:36:45 GMT
server: ATS/9.1.10.25

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
568 B 171ms
61ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=184382&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221af8d2d92917f3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fuser1.klaymanaria.ga%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223e9ac5741dec3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22184382%22%2C%22sid%22%3A%227%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_leaderboard%22%2C%22gpid%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_leaderboard%22%7D%7D%2C%7B%22id%22%3A%2236adc29f797132%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22184386%22%2C%22sid%22%3A%2211%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_skyscraper%22%2C%22gpid%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_skyscraper%22%7D%7D%2C%7B%22id%22%3A%22419ce529b11284%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22184384%22%2C%22sid%22%3A%229%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle%22%2C%22gpid%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle%22%7D%7D%2C%7B%22id%22%3A%2258bc3adf1a3de2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22184385%22%2C%22sid%22%3A%2210%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle%22%2C%22gpid%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle%22%7D%7D%2C%7B%22id%22%3A%22620e02b65db3a5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22184383%22%2C%22sid%22%3A%228%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_lowerboard%22%2C%22gpid%22%3A%22%2F6692%2Fspeedtest.net%2Fstnext_lowerboard%22%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeef65a43f57774850b0832b3a9fac9c9417b03c75c1e28eb1e5b1da54570f7f

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsf3DmBEtnnJ8b%2B8HL3SOmjc09N0m9cCaCo071l%2FIvl7W4c4bcA8exNLJyCGFdaMKl0k4SJ3ArNItgG%2FCVL0Ypy8EGcjvRnI01rrFVFhYzVyCxoWf%2FT1%2FG%2F29KCIrIPxpoAaWccx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79eaa6e0cd4e2c1e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 142ms
140ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4bce842565120824e5ba275205e5eb50da948bb7fe1e6a55dc414ad7640dacf9

Request headers

Referer: https://user1.klaymanaria.ga/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
257 B 116ms
114ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 760c39f7487504bfbf04a85cf18e57fc19b1d1cb01f7590de591b76975355a14

Request headers

Referer: https://user1.klaymanaria.ga/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 150ms
149ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b4dc3266e61914b7bfb859ae3584d80844aa3ae36fda80bc11ff35d554fb1226

Request headers

Referer: https://user1.klaymanaria.ga/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 127ms
124ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d85bf3502eee48df067e8be6d1376892cd46ab9e5d5049ac4c6302e157cd2cff

Request headers

Referer: https://user1.klaymanaria.ga/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 124ms
122ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 761764aa1cf46bc5c58865f838ed41012b516ef10c076c57f6c7b044a9cb6775

Request headers

Referer: https://user1.klaymanaria.ga/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-allow-credentials: true
content-length: 84

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 338 B
903 B 200ms
43ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=2&gdpr=1&us_privacy=1---&rf=https%3A%2F%2Fuser1.klaymanaria.ga%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_leaderboard&tk_flint=pbjs_lite_v6.18.0&x_source.tid=a5f7180e-eab0-498f-b922-3ace19cfb8f7&l_pb_bid_id=148cb9bc82ab45c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_leaderboard&slots=1&rand=0.20007535098325802
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1e5fecb2922066d4438af24cf7f6fcf7d6a5d45850d1805512a04961a0186bf0

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 338
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 337 B
671 B 200ms
44ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=9&gdpr=1&us_privacy=1---&rf=https%3A%2F%2Fuser1.klaymanaria.ga%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_skyscraper&tk_flint=pbjs_lite_v6.18.0&x_source.tid=fc6d7dac-9638-4ffe-8992-fcef771fb94f&l_pb_bid_id=15fd825885d8f2e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_skyscraper&slots=1&rand=0.5590411435851175
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7b963bc353a2a6bb9d77f8f50082ebef12fb856622711f05128b3667e3587139

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 337
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 341 B
676 B 201ms
44ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=15&gdpr=1&us_privacy=1---&rf=https%3A%2F%2Fuser1.klaymanaria.ga%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle&tk_flint=pbjs_lite_v6.18.0&x_source.tid=009dcff2-d858-4530-ba18-d938b50b816e&l_pb_bid_id=16de4ae55ee273f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle&slots=1&rand=0.2797991016519079
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1ae8192e83fbb0c1cd48572f9f4fe81f3436cbd85ffb7397c94e59bfe523055d

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 344 B
679 B 201ms
45ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=15&gdpr=1&us_privacy=1---&rf=https%3A%2F%2Fuser1.klaymanaria.ga%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle&tk_flint=pbjs_lite_v6.18.0&x_source.tid=7682986a-1110-4bc3-a09b-2403e836d16c&l_pb_bid_id=172bb17210f3bc3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle&slots=1&rand=0.6192384167729235
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1de2755153dc9f4991d5dcb0bcce2a2b65d7e6ce32070397fa534719b307f41e

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 344
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 337 B
672 B 202ms
46ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=2&gdpr=1&us_privacy=1---&rf=https%3A%2F%2Fuser1.klaymanaria.ga%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&tk_flint=pbjs_lite_v6.18.0&x_source.tid=73139ae0-ac2e-4156-b3d8-ac581aee0e36&l_pb_bid_id=18d891ca5ad44fc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&slots=1&rand=0.5344111108748228
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b7a9fb3b5278c69440600217ca252b7243fb52c37f2b3e3e2684fea55b011402

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 337
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
ookla-d.openx.net/w/1.0/ 73 B
381 B 155ms
53ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ookla-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fuser1.klaymanaria.ga%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a5f7180e-eab0-498f-b922-3ace19cfb8f7%2Cfc6d7dac-9638-4ffe-8992-fcef771fb94f%2C009dcff2-d858-4530-ba18-d938b50b816e%2C7682986a-1110-4bc3-a09b-2403e836d16c%2C73139ae0-ac2e-4156-b3d8-ac581aee0e36&nocache=1677267404806&gdpr=1&us_privacy=1---&aus=728x90%7C160x600%7C300x250%7C300x250%7C728x90&divids=%252F6692%252Fspeedtest.net%252Fstnext_leaderboard%2C%252F6692%252Fspeedtest.net%252Fstnext_skyscraper%2C%252F6692%252Fspeedtest.net%252Fstnext_top_rectangle%2C%252F6692%252Fspeedtest.net%252Fstnext_bottom_rectangle%2C%252F6692%252Fspeedtest.net%252Fstnext_lowerboard&aucs=%252F6692%252Fspeedtest.net%252Fstnext_leaderboard%2C%252F6692%252Fspeedtest.net%252Fstnext_skyscraper%2C%252F6692%252Fspeedtest.net%252Fstnext_top_rectangle%2C%252F6692%252Fspeedtest.net%252Fstnext_bottom_rectangle%2C%252F6692%252Fspeedtest.net%252Fstnext_lowerboard&auid=538306129%2C538306131%2C538306127%2C538306123%2C538306126
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c87c5f31e6467e8c29921a1041c879800169e3ee13b6c417a4f900fc38fbf22a

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://user1.klaymanaria.ga
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 19 B
835 B 515ms
309ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:45 GMT
AN-X-Request-Uuid: b52adff8-9e66-43d0-94dd-187f87e4809a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://user1.klaymanaria.ga
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 433ms
263ms XHR
text/plain 52.58.138.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
161 B 432ms
262ms XHR
text/plain 52.58.138.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 433ms
264ms XHR
text/plain 52.58.138.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 538ms
369ms XHR
text/plain 52.58.138.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 642ms
473ms XHR
text/plain 52.58.138.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.138.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-138-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 2 KB
853 B 720ms
579ms XHR
application/json 34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2103
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e76f8b6ac0417d83074bf2648a3a43b23f7967cf87a27a6719671bad4310f21b

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 24 Feb 2023 19:36:45 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://user1.klaymanaria.ga
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 426ms
270ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://user1.klaymanaria.ga
date: Fri, 24 Feb 2023 19:36:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 30629 Show response
stags.bluekai.com/site/ Frame DF95 71 B
256 B 527ms
183ms Document
text/html 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Duser1.klaymanaria.ga&phint=referer%3Dhttps%3A%2F%2Fuser1.klaymanaria.ga%2F&phint=bbseg%3D6848&phint=bbseg%3D6834&phint=bbseg%3D6837&phint=bbseg%3D6823&phint=__bk_t%3DSpeedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&phint=__bk_k%3Dookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeed%20test%2Cbandwidth%20speed%20test%2Cinternet%20speed%20test%2Cbroadband%20speed%20test%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cip%20address%2Ctcp&phint=__bk_l%3Dhttps%3A%2F%2Fuser1.klaymanaria.ga%2F&phint=__bk_v%3D3.1.10&limit=10&r=83573239
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://user1.klaymanaria.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: f4b2
content-length: 71
content-type: text/html
date: Fri, 24 Feb 2023 19:36:45 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n: S

GET
H2 200 check_c Show response
zdbb.net/ 0
234 B 57ms
54ms XHR
text/plain 34.243.19.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.19.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-19-114.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user1.klaymanaria.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:45 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://user1.klaymanaria.ga
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame C590 9 KB
4 KB 192ms
41ms Document
text/html 18.66.147.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html?usp_consent=1---
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b37e592fbce3c1b8f5c36b935b365e29652ddc5a411ed1a6352675204c44b8f6

Request headers

Referer: https://user1.klaymanaria.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6817
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 17:43:12 GMT
etag: W/"898bfca85f21d2d030dbe2187456fdd5"
last-modified: Wed, 22 Feb 2023 17:40:40 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id: WfDgWrtuxTp1nL1aUuPPF4gWtJU6FwBXTW1FzLnrTpeNH-boWB575w==
x-amz-cf-pop: FRA60-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:8de85947-8905-4cc0-8969-c798f02d9e56
x-amz-meta-codebuild-content-md5: b6a9dfef61b64bd318eb773bb684dd5a
x-amz-meta-codebuild-content-sha256: 3cb2617a984f011237bb5b1f7c08195f201e9aa58dc9384fe9f969f8b809e824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 9853 0
91 B 60ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user1.klaymanaria.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BFD2 16 KB
6 KB 40ms
40ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159017&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://user1.klaymanaria.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83237
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT
expires: Sat, 25 Feb 2023 18:44:05 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 15AC 281 B
554 B 238ms
48ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://user1.klaymanaria.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Feb 2023 19:36:48 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 91A5 3 KB
2 KB 162ms
47ms Document
text/html 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.6.18.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://user1.klaymanaria.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 79eaa6f83aaf3721-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 19:36:48 GMT
expires: Fri, 24 Feb 2023 23:36:48 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BFD2 0
42 B 146ms
42ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61537767&p=159017&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159017&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:47 GMT
content-length: 0

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 1ECB 54 B
541 B 167ms
59ms Document
text/html 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPnr-wAPnr-wAAcABBENC5CgAAAAAH_AACiQAAASbAJMNW4gC7MscGbaMIoEQIwrCQqgUAFFAMLRAYQOrgp2VwE-sIkACAUATgRAhwBRgwCAAASAJCIgJAjwQCAAiAQAAgAVCIQAMbAILACwMAgAFANCxRigCECQgyICIpTAgKkSCgnsqEEoP9DTCEOssAKDR_xUICNZAxWBEJCwchwRICXiyQPMUb5ACMAKAUSoVqKT00AA.YAAAD_gAAAAA&d=https%3A%2F%2Fuser1.klaymanaria.ga%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79eaa6f95b412bc5-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OBUdIwjPbwWnLEOtRxNOTo%2B901luJJRYr9JMqQoApCgtdyVnIAwzP6trCzlpF9sqv5Ri8yOjcOZCV3quN0Pk%2BR7b6qhqvnSoPZoz%2BuJGlm1xWxoqvl1aVVXUeQpePZ6kDit54Ffu9sBmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame BC66 4 KB
2 KB 219ms
56ms Document
text/html 34.253.68.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.68.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-68-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3fa3ba510288667db3d6640024fa2a4b29f88d79a96d36da3fa854103d7f82db

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 24 Feb 2023 19:36:48 GMT
etag: W/"014488299818330debaeb50cacbc9056a"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 2205 0
0 147ms
41ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame C25D 846 B
1 KB 302ms
50ms Document
text/html 185.86.139.94

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b6f191e728ae9ac1abde89afe704175d5364110b8174cff0990878bdb163435

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 846
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 0443
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
817 B

71ms
70ms

Document
text/html

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da2bd0acbb92bd58b815f37d71cb8ece543f640c382bf502adfc22b7ea8feef6

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79eaa6f9bbd32bc5-FRA
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKqkpUIU%2BDeIQMGujLMerZt0%2FxqTVKCXTkUXmnLGHLY1fmRb%2FqDvdIw7vSr%2B4apsulFXT927po%2BH2mvi8bRdZ7yMxvXpFMzsRZEKxLOFfJv%2B8gWcKGKbYFBTbDDeZjigGbpF3KvmVDhSHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79eaa6f95b442bc5-FRA
content-length: 0
date: Fri, 24 Feb 2023 19:36:48 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tIlZ7qMXzFT4vYs5qSIeE2bFnil0Z4wCON207y5jvQem4JqgJWGCkcTrHC4U4KDX%2FV8m2JqxzMbwLS8Fn%2BqmqMND08zU2DT8jiZvX5sUgPrmPIMF%2FJKWh%2BUDkZcfflKAhjLJ3fpWH99bA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 263E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

59ms
58ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Feb 2023 19:36:48 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 24 Feb 2023 19:36:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F479 16 KB
6 KB 42ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1---&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83237
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT
expires: Sat, 25 Feb 2023 18:44:05 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame A0E9 0
485 B 282ms
132ms Document
text/html 2600:9000:21f3:a800:1f:4c18:bd40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a800:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Fri, 24 Feb 2023 19:36:48 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-id: k5EMEw8HCNRNR9-GUz4XluoqteVz62HTwzVkBgt72H9nqYxJlMPdOQ==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 09C0 0
160 B 179ms
46ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Fri, 24 Feb 2023 19:36:48 GMT
Pragma: no-cache
Server: nginx

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&uid=4472121478697305786

0
344 B

101ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=4472121478697305786
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Fri, 24 Feb 2023 19:36:48 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9f8e8a81-ae10-44ff-8864-e64bda7fc6a5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=4472121478697305786
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=GNjYrRZHXBsMgg8GTaObKgH_

0
351 B

87ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=GNjYrRZHXBsMgg8GTaObKgH_
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:48 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=GNjYrRZHXBsMgg8GTaObKgH_
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame C590 0
277 B 243ms
57ms Image
text/plain 216.52.2.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1---&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 24 Feb 2023 19:36:48 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1677267408895
https://ad.turn.com/r/cs?pid=45&rndcb=8240627133
https://sync.1rx.io/usersync/turn/4013456029012047109?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-abf24480-aba5-4c95-b441-e47f28958366-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-abf24480-aba5-4c95-b441-e47f28958366-003
https://ads.servenobid.com/sync?pid=321&uid=RX-abf24480-aba5-4c95-b441-e47f28958366-003

0
362 B

55ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=321&uid=RX-abf24480-aba5-4c95-b441-e47f28958366-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=321&uid=RX-abf24480-aba5-4c95-b441-e47f28958366-003
date: Fri, 24 Feb 2023 19:36:49 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXabf24480aba54c95b441e47f28958366003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5124322325179478603

0
344 B

55ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5124322325179478603
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5124322325179478603
Date: Fri, 24 Feb 2023 19:36:49 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame C590 0
500 B 656ms
125ms Image
text/plain 69.166.1.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-142
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=213c55d6-96ea-4e90-b5ae-15e6b34b3364&gdpr=0&gdpr_consent=&us_privacy=1---

0
358 B

167ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=213c55d6-96ea-4e90-b5ae-15e6b34b3364&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=213c55d6-96ea-4e90-b5ae-15e6b34b3364&gdpr=0&gdpr_consent=&us_privacy=1---
date: Fri, 24 Feb 2023 19:36:48 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A

0
366 B

55ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A
date: Fri, 24 Feb 2023 19:36:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-e518a0be-9775-368b-9713-a4e5f7e7c28a

0
359 B

65ms
65ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-e518a0be-9775-368b-9713-a4e5f7e7c28a
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-e518a0be-9775-368b-9713-a4e5f7e7c28a
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame C590
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
https://ads.servenobid.com/sync?pid=339&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A

0
366 B

55ms
55ms

Image
image/avif

34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-g69opFlE2uGex82zUTCZVnAjAt_9RHhFe5DphT8-~A
date: Fri, 24 Feb 2023 19:36:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame C590 0
35 B 221ms
41ms Image
text/plain 52.28.36.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1---&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?usp_consent=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.36.30 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 15AC 33 KB
10 KB 50ms
49ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a986162cb6a45ca79f26fcb6a2ed34935c4fe2a348e4527a3a78f4bc730265cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 19:36:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 09:41:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50681
Connection: keep-alive
Content-Length: 10007
Expires: Sat, 25 Feb 2023 09:41:29 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 15AC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzdmYTU1YjUyMjNhMTJjMzI4M2MyYTc1YzI2OGU3ZmIzMTk4M2RhMw&gdpr=1&us_privacy=1---

170 B
243 B

94ms
93ms

Image
image/png

142.251.208.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzdmYTU1YjUyMjNhMTJjMzI4M2MyYTc1YzI2OGU3ZmIzMTk4M2RhMw&gdpr=1&us_privacy=1---

Protocol

Server

142.251.208.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzdmYTU1YjUyMjNhMTJjMzI4M2MyYTc1YzI2OGU3ZmIzMTk4M2RhMw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 15AC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJWFBHSEctUi1MTlRP&gdpr=1&us_privacy=1---

170 B
232 B

94ms
94ms

Image
image/png

142.251.208.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJWFBHSEctUi1MTlRP&gdpr=1&us_privacy=1---

Protocol

Server

142.251.208.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJWFBHSEctUi1MTlRP&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 15AC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIXPGHG-R-LNTO&gdpr=1&us_privacy=1---

0
649 B

225ms
140ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIXPGHG-R-LNTO&gdpr=1&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 68EC8A1D659044C0BC741E68238E4F30 Ref B: FRAEDGE1310 Ref C: 2023-02-24T19:36:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1d0AhgJDb5pfZ56z/MA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEIXPGHG-R-LNTO&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 15AC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

121ms
121ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FAN6EP5XJCG8A3129YJ1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J7D4VXKZSAB69S30X1SR
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 15AC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

59ms
59ms

Image
image/gif

52.94.222.140

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Protocol

HTTP/1.1

Server

52.94.222.140 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2HT7SH22KHB1189RTNWG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZQS6AQP4SRSEM89D3P7H
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 15AC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/DU0uLMsFRJNn54sTo1Xmkw?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cza_sVRE2oLvgHkHS6qedJi0sj_sjckaKr9wGg--~A

0
239 B

181ms
43ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cza_sVRE2oLvgHkHS6qedJi0sj_sjckaKr9wGg--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 24 Feb 2023 19:36:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cza_sVRE2oLvgHkHS6qedJi0sj_sjckaKr9wGg--~A
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 15AC 70 B
264 B 274ms
58ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 15AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJojveSGOvGTuMsr3NiMl4s&google_cver=1

0
239 B

166ms
42ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJojveSGOvGTuMsr3NiMl4s&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEJojveSGOvGTuMsr3NiMl4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 263E 33 KB
10 KB 61ms
61ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a986162cb6a45ca79f26fcb6a2ed34935c4fe2a348e4527a3a78f4bc730265cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 19:36:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 09:41:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50680
Connection: keep-alive
Content-Length: 10007
Expires: Sat, 25 Feb 2023 09:41:29 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=4472121478697305786

35 B
250 B

160ms
57ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=4472121478697305786
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Fri, 24 Feb 2023 19:36:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cd4ce116-82d7-4548-8062-755bfb40b5b4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=4472121478697305786
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3998f26e-3c30-4353-a1e1-697cf5387c37&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_3998f26e-3c30-4353-a1e1-697cf5387c37&gdpr=0&gdpr_consent=&us_privacy=1---
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f8aa452d-1072-4897-8907-3a74db36eae5&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=37b4c294-a332-4c7c-be60-97426e349e05

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=37b4c294-a332-4c7c-be60-97426e349e05
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=37b4c294-a332-4c7c-be60-97426e349e05
date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET

cookie-sync
sync.outbrain.com/ Frame BC66
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ezQbHf4aPXQyykrcmPl0k35Zhv8YLofiV5QuN-yTk4Nwd7CprIK5kpr8QI0OiBqB%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3998f26e-3c30-4353-a1e1-697cf5387c37&obuid=ENC(ezQbHf4aPXQyykrcmPl0k35Zhv8YLofiV5QuN-yTk4Nwd7CprIK5kpr8QI0OiBqB)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7203808668329572498&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=1fc79a2b-c4e5-46b1-8dab-6c80c41848c8

35 B
250 B

281ms
59ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=1fc79a2b-c4e5-46b1-8dab-6c80c41848c8
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Fri, 24 Feb 2023 19:36:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=1fc79a2b-c4e5-46b1-8dab-6c80c41848c8
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-b4973b8f-cd61-4ce5-6498-1d679e92e5b6$ip$80.255.7.106

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-b4973b8f-cd61-4ce5-6498-1d679e92e5b6$ip$80.255.7.106
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-b4973b8f-cd61-4ce5-6498-1d679e92e5b6$ip$80.255.7.106
Date: Fri, 24 Feb 2023 19:36:49 GMT
Connection: keep-alive
Content-Length: 126
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame BC66 43 B
426 B 259ms
58ms Image
image/gif 2a05:d018:d29:3602:2bd9:9049:1377:8ebc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:2bd9:9049:1377:8ebc -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=3e28dbe2-5393-46f2-9c08-0a4aaf42e94e

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=3e28dbe2-5393-46f2-9c08-0a4aaf42e94e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=3e28dbe2-5393-46f2-9c08-0a4aaf42e94e
Date: Fri, 24 Feb 2023 19:36:49 GMT
Connection: keep-alive
X-CI-RTID: 57037b90-5d43-4af5-90b8-2e1e80d94399
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame BC66 0
293 B 797ms
121ms Image
text/plain 2603:c020:400d:3000:385:a458:2098:ba6f

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:c020:400d:3000:385:a458:2098:ba6f -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 745978858
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame BC66 0
44 B 441ms
123ms Image
text/plain 38.91.45.7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 -, , ASN (),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3998f26e-3c30-4353-a1e1-697cf5387c37&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=K7_V9Vehvrh5GqbUvYKo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SZXL5LDSVTFNB3HE2BVI5YWEVLWLFFW6...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=K7_V9Vehvrh5GqbUvYKo&us_privacy=1---

35 B
250 B

57ms
57ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=K7_V9Vehvrh5GqbUvYKo&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=K7_V9Vehvrh5GqbUvYKo&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=f6e2fd8b-8448-4757-ac60-154d1bb0f28d

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=f6e2fd8b-8448-4757-ac60-154d1bb0f28d
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=f6e2fd8b-8448-4757-ac60-154d1bb0f28d
access-control-allow-origin: *
date: Fri, 24 Feb 2023 19:36:49 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=1XNGHqfug3ic&ev=1&pid=558355

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=1XNGHqfug3ic&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(9.4.50.v20221201)
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=1XNGHqfug3ic&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-68b8b6bc74-whwb6
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame BC66
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=2821273827148388468

35 B
250 B

56ms
56ms

Image
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=2821273827148388468
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=2821273827148388468
date: Fri, 24 Feb 2023 19:36:48 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame BC66 0
358 B 92ms
57ms Image
image/avif 34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_3998f26e-3c30-4353-a1e1-697cf5387c37
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0443 70 B
264 B 245ms
59ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0443
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&dcc=t

43 B
855 B

145ms
145ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GR34CKQV157R1EPN76BC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1K9AFVAV64ARS18EETJC
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 0443
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC_E6LgX-VjxwY1wHdfeUL4&google_cver=1

43 B
751 B

61ms
60ms

Image
image/gif

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC_E6LgX-VjxwY1wHdfeUL4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fA70AsaJIs43UFcj%2FUqOa8Jgw52%2F14ibMYeMeyi3R00rQYnGzSztYuSThc8iufej2VuxAAk%2FTVLIOopMmT6QyKSBlfIbeYRZp83WU3eIdyINI6mZCipdDmxf3YanfLaNhrKsKSFwJl9YJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79eaa6fc6a706955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEC_E6LgX-VjxwY1wHdfeUL4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 0443
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-kR0KTZOd0CG7fvc5kVMQAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y-kR0KTZOd0CG7fvc5kVMQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO6qeyGJFmdosDwJUcqBAUM&google_cver=1

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO6qeyGJFmdosDwJUcqBAUM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 19:36:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEO6qeyGJFmdosDwJUcqBAUM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0443 43 B
603 B 249ms
60ms Image
image/gif 2a05:d018:d29:3602:2bd9:9049:1377:8ebc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:2bd9:9049:1377:8ebc -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 0443 42 B
181 B 242ms
59ms Image
image/gif 2a05:d018:cc3:fe05:c6ce:33c1:7eb8:baae

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:c6ce:33c1:7eb8:baae -, , ASN (),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

rum
dsum.casalemedia.com/ Frame 0443
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1677353809

43 B
779 B

159ms
56ms

Image
image/gif

104.18.25.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1677353809
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.25.185 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zt1TaQaCakvOnXKZtc9JxuvnFUtG4TJfJYjj3om09EQmf7g23YnlOUGpoO7yl8qwFAwAEZGkelx%2BF2OHLUhoyzXObRFc4%2FOktCairgg0Na1zAXbaTOz2Qt9B6DnuSRqjmgGUdGO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79eaa6fcb99f8fca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1677353809
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 0443 0
0 245ms
56ms Image
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 sync
ads.servenobid.com/ Frame 0443 0
357 B 82ms
57ms Image
image/avif 34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=Y_kR0KTZOd0CG7fvc5kVMQAABGoAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C802
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=47b863f9-11d1-4900-8c4b-eb698fbba836&gdpr=0&gdpr_consent=

35 B
250 B

117ms
60ms

Document
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=47b863f9-11d1-4900-8c4b-eb698fbba836&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: Fri, 24 Feb 2023 19:36:48 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 530 4e92630 master cdg-pixel-x30 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=47b863f9-11d1-4900-8c4b-eb698fbba836&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame C224
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF
https://usersync.gumgum.com/usersync?b=atm&i=Y-kR0QAJmhNbLQAF&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF

35 B
250 B

56ms
56ms

Document
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Y-kR0QAJmhNbLQAF&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 24 Feb 2023 19:36:49 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Y-kR0QAJmhNbLQAF&gdpr=0&gdpr_consent=&_test=Y-kR0QAJmhNbLQAF
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220035-HHN
x-timer: S1677267409.338802,VS0,VE0

GET
H2

200

pixel Show response
cm.g.doubleclick.net/ Frame E26C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent=&google_tc=

170 B
232 B

86ms
86ms

Document
image/png

142.251.208.162

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:36:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 19:36:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zOTk4ZjI2ZS0zYzMwLTQzNTMtYTFlMS02OTdjZjUzODdjMzc=&gdpr=0&gdpr_consent=&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0D55 16 KB
6 KB 49ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83236
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 24 Feb 2023 19:36:49 GMT
expires: Sat, 25 Feb 2023 18:44:05 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame A3A9 70 B
265 B 235ms
57ms Document
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 24 Feb 2023 19:36:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET

usersync
usersync.gumgum.com/ Frame 1D05
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Y-kR0cCo8YQAAPPtCsYAAAAA

0
0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 646A
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=e_3998f26e-3c30-4353-a1e1-697cf5387c37&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
https://usersync.gumgum.com/usersync?b=aad&i=c3d3089b-f06d-4531-a58e-a702c4dbeca8

35 B
250 B

56ms
56ms

Document
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=c3d3089b-f06d-4531-a58e-a702c4dbeca8
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=c3d3089b-f06d-4531-a58e-a702c4dbeca8
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame DC24
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=Y-kR0KTZOd0CG7fvc5kVMQAA%261130

35 B
250 B

144ms
56ms

Document
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=Y-kR0KTZOd0CG7fvc5kVMQAA%261130
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79eaa6fa5f376955-FRA
content-length: 0
date: Fri, 24 Feb 2023 19:36:49 GMT
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=Y-kR0KTZOd0CG7fvc5kVMQAA%261130
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4o8kt6ZZRY%2F9HtxcbKsbhmZQ3mnPF3iJsa8%2B6B7odlbuMN8whQfL5jlmKWQh0N%2FB%2F47FOtNw%2FTm2cDdnMAFa4vnxE8VnV32RCmdy%2F5OqbqETikb8QGL2fuQZ1T9nLXE4uIeDTZD5WYwSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame F09E
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=UdznrocmtP6SZuBBQJbd&pi=gumgum&tc=1

35 B
250 B

103ms
56ms

Document
image/gif

34.247.205.196

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=UdznrocmtP6SZuBBQJbd&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.205.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Fri, 24 Feb 2023 19:36:49 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 24 Feb 2023 19:36:49 GMT Fri, 24 Feb 2023 19:36:49 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=UdznrocmtP6SZuBBQJbd&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A37C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

65ms
65ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Feb 2023 19:36:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 24 Feb 2023 19:36:49 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 sync
ads.servenobid.com/ Frame C25D 0
344 B 56ms
56ms Image
image/avif 34.249.209.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=2821273827148388468&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.209.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-209-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame C25D
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=896573dc-8656-44b7-9225-86a25c754b76
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=896573dc-8656-44b7-9225-86a25c754b76
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=845b5927-581b-49c4-8906-be3b8432dcf5&user_group=1&ssp=smartadserver&bsw_param=896573dc-8656-44b7-9225-86a25c754b76
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=37b4c294-a332-4c7c-be60-97426e349e05&gdpr=&gdpr_consent=

43 B
113 B

50ms
49ms

Image
image/gif

185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=37b4c294-a332-4c7c-be60-97426e349e05&gdpr=&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:36:49 GMT
content-type: image/gif

Redirect headers

location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=37b4c294-a332-4c7c-be60-97426e349e05&gdpr=&gdpr_consent=
date: Fri, 24 Feb 2023 19:36:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET

/
dmp.adform.net/serving/cookie/match/ Frame C25D
Redirect Chain

https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5l...
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGcwNHlJdUphRVJiUmFlLTREbD...
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...

0
0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame C25D
Redirect Chain

https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_63f911d132fef&gdpr=0&gdpr_consent=

43 B
361 B

50ms
49ms

Image
image/gif

185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_63f911d132fef&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:48 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Fri, 24 Feb 2023 19:36:49 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_63f911d132fef&gdpr=0&gdpr_consent=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame C25D
Redirect Chain

https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08c5220403db3e3b92b22ad2&gdpr=0&gdpr_consent=

43 B
335 B

90ms
49ms

Image
image/gif

185.86.139.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08c5220403db3e3b92b22ad2&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 19:36:48 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=08c5220403db3e3b92b22ad2&gdpr=0&gdpr_consent=
date: Fri, 24 Feb 2023 19:36:49 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A37C 33 KB
10 KB 78ms
62ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a986162cb6a45ca79f26fcb6a2ed34935c4fe2a348e4527a3a78f4bc730265cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 19:36:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 09:41:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=50680
Connection: keep-alive
Content-Length: 10007
Expires: Sat, 25 Feb 2023 09:41:29 GMT

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 263E 0
0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A37C 0
239 B 42ms
42ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LEIXPGHG-R-LNTO
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.cdnst.net
URL: https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff2

Domain: b.cdnst.net
URL: https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7203808668329572498&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=sus&i=Y-kR0cCo8YQAAPPtCsYAAAAA

Domain: dmp.adform.net
URL: https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGcwNHlJdUphRVJiUmFlLTREbDdXelRrSUEiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LEIXPGHG-R-LNTO

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
user1.klaymanaria.ga/	1970-01-20 12:04:03	Name: euIPAddressNotice Value: true
.klaymanaria.ga/	1969-12-31 23:59:59	Name: zd_session_id Value: 06803d93-56aa-4cd5-a70d-54da7f11e0dc
user1.klaymanaria.ga/	1970-01-20 10:37:39	Name: fu Value: 1
.klaymanaria.ga/	1970-01-20 19:30:27	Name: _ga_KKLSRK6J1Z Value: GS1.1.1677267404.1.0.1677267404.0.0.0
.klaymanaria.ga/	1970-01-20 19:30:27	Name: _ga Value: GA1.2.311404351.1677267404
.klaymanaria.ga/	1970-01-20 09:55:53	Name: _gid Value: GA1.2.1984507469.1677267405
user1.klaymanaria.ga/	1970-01-20 18:40:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Feb+24+2023+19%3A36%3A44+GMT%2B0000+(GMT)&version=202301.1.0&isIABGlobal=false&consentId=a2642799-721b-4545-8d07-5950d923064e&interactionCount=0&landingPath=https%3A%2F%2Fuser1.klaymanaria.ga%2F&groups=C0004%3A0%2CC0002%3A0%2CC0005%3A0%2CC0003%3A0%2CC0001%3A1%2CSTACK42%3A0&hosts=H1%3A0%2CH2%3A0%2CH137%3A0%2Clie%3A0%2CH3%3A0%2CH4%3A0%2CH205%3A0%2Clqf%3A0%2CH308%3A0%2CH206%3A0%2Cqbg%3A0%2CH276%3A0%2CH248%3A0%2Ceeg%3A0%2CH9%3A0%2CH250%3A0%2CH11%3A0%2CH136%3A0%2CH280%3A0%2CH12%3A0%2CH281%3A0%2Ccqp%3A0%2CH814%3A0%2CH283%3A0%2CH15%3A0%2CH16%3A0%2CH192%3A0%2CH17%3A0%2CH251%3A0%2CH196%3A0%2CH18%3A0%2CH22%3A0%2CH23%3A0%2CH26%3A0%2CH287%3A0%2CH31%3A0%2CH32%3A0%2CH33%3A0%2CH190%3A0%2CH170%3A0%2CH35%3A0%2CH159%3A0%2CH36%3A1%2CH252%3A0%2CH38%3A0%2CH102%3A0%2CH39%3A0%2CH235%3A0%2CH171%3A0%2CH160%3A0%2CH41%3A0%2CH43%3A0%2CH44%3A0%2CH375%3A0%2CH45%3A0%2CH253%3A0%2CH47%3A0%2CH211%3A1%2Clmh%3A0%2CH290%3A0%2CH132%3A0%2Cgoh%3A0%2CH133%3A0%2CH49%3A0%2CH292%3A0%2CH51%3A0%2CH174%3A0%2CH52%3A0%2CH54%3A0%2Ckoq%3A0%2CH254%3A0%2CH57%3A0%2CH58%3A0%2CH198%3A1%2CH239%3A0%2CH848%3A0%2CH64%3A0%2CH255%3A0%2Ccpg%3A0%2CH242%3A0%2CH66%3A0%2CH256%3A0%2CH175%3A0%2CH67%3A0%2CH69%3A0%2CH70%3A0%2CH73%3A0%2Cwjt%3A0%2CH258%3A0%2CH74%3A0%2CH75%3A0%2CH76%3A0%2CH259%3A0%2Cfgs%3A0%2CH77%3A0%2CH78%3A0%2CH184%3A0%2CH187%3A0%2CH298%3A0%2CH79%3A0%2CH83%3A0%2CH84%3A0%2CH810%3A0%2CH301%3A0%2CH85%3A0%2CH221%3A0%2CH86%3A0%2CH87%3A0%2Cyyf%3A0%2CH89%3A0%2CH246%3A0%2CH90%3A0%2CH191%3A0%2CH91%3A0%2Cslz%3A0%2CH92%3A0%2CH304%3A0%2CH93%3A0%2CH94%3A0%2CH95%3A0%2CH305%3A0%2CH257%3A0%2CH71%3A0%2CH260%3A1%2CH326%3A0%2CH900%3A0%2CH647%3A0%2CH210%3A0%2CH562%3A0%2CH874%3A0%2CH261%3A0%2CH388%3A1%2CH249%3A1%2CH632%3A1%2CH834%3A1%2CH836%3A1%2CH837%3A1%2CH635%3A1%2CH424%3A1&genVendors=
user1.klaymanaria.ga/	1970-01-20 14:13:39	Name: h_zdbb Value:
.klaymanaria.ga/	1969-12-31 23:59:59	Name: zpack Value: eyJ6ZGJiIjoiIiwiZnBpZCI6bnVsbCwicHBpZCI6IjhlNmQyZDM5MjYxYTQ3YzViNmIzMjMyMjY1NmEzZmRiIiwidWVfbTJzIjoiIiwibGNsX2lkIjoiIiwibG9jIjoiaHR0cHM6Ly91c2VyMS5rbGF5bWFuYXJpYS5nYS8iLCJwdl9pZCI6ImU0MjcyZTg5LWI5MDQtNDY4MS1hNjc2LTM5NzE1ZDE5NzFjYSIsInNlc3NfaWQiOiIwNjgwM2Q5My01NmFhLTRjZDUtYTcwZC01NGRhN2YxMWUwZGMifQ==
.rubiconproject.com/	1970-01-20 18:40:03	Name: khaos Value: LEIXPGHG-R-LNTO
.rubiconproject.com/	1970-01-20 18:40:03	Name: audit Value: 1\|naVuGyos1qo7UUVeRqqQvANb0fGVcfL/XWaA1sYWTLGb55ZO9yeic0Kq7TRH+9C5JsN+Zaig6polFpTDQULBGp6DleeQbL8MG0jaGQIXoZq39DlpUDyE1Q==
.ads.pubmatic.com/	1970-01-20 09:55:53	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 18:40:03	Name: CMID Value: Y-kR0KTZOd0CG7fvc5kVMQAA
.casalemedia.com/	1970-01-20 12:04:03	Name: CMPS Value: 1130
.casalemedia.com/	1970-01-20 12:04:03	Name: CMPRO Value: 1130
.1rx.io/	1970-01-20 18:40:03	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-abf24480-aba5-4c95-b441-e47f28958366-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.adnxs.com/	1970-01-20 12:04:03	Name: uuid2 Value: 4472121478697305786
.lijit.com/	1970-01-20 18:40:03	Name: ljt_reader Value: GNjYrRZHXBsMgg8GTaObKgH_
.gumgum.com/	1970-01-20 18:40:03	Name: vst Value: e_3998f26e-3c30-4353-a1e1-697cf5387c37
.lijit.com/	1970-01-20 18:40:03	Name: _ljtrtb_273657 Value: 273657
.yahoo.com/	1970-01-20 18:40:25	Name: A3 Value: d=AQABBNAR-WMCEAiT4T2KqLqZgExEyGi7JNoFEgEBAQFj-mMCZAAAAAAA_eMAAA&S=AQAAApDY_jpbjNIHS1CwUcHDrqQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://user1.klaymanaria.ga/ Message: Access to font at 'https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff2' from origin 'https://user1.klaymanaria.ga' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://user1.klaymanaria.ga/ Message: Access to font at 'https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff' from origin 'https://user1.klaymanaria.ga' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://b.cdnst.net/fonts/gaugemono-regular-webfont.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b.cdnst.net
b1sync.zemanta.com
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.krxd.net
cdn.static.zdbb.net
cdn.ziffstatic.com
ce.lijit.com
cm.g.doubleclick.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
d.adroll.com
dmp.adform.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
geolocation.onetrust.com
gu.dyntrk.com
gurgle.zdbb.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
image6.pubmatic.com
jogger.zdbb.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
onetag-sys.com
ookla-d.openx.net
p.rfihub.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.bkrtx.com
token.rubiconproject.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
user1.klaymanaria.ga
usersync.gumgum.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
zdbb.net
zdstatic.speedtest.net
b.cdnst.net
dmp.adform.net
pixel-us-east.rubiconproject.com
sync.outbrain.com
usersync.gumgum.com
104.18.10.47
104.18.24.185
104.18.25.185
104.96.145.246
13.224.191.98
142.251.208.162
147.75.85.234
15.197.193.217
151.101.2.133
151.101.66.49
162.19.80.91
18.156.0.31
18.156.195.47
18.66.147.40
184.29.200.118
185.183.112.155
185.184.8.90
185.29.134.248
185.64.190.77
185.80.39.216
185.86.139.94
185.89.211.116
193.0.160.130
198.148.27.139
198.47.127.19
2001:4860:4802:34::36
213.19.147.45
216.52.2.16
216.52.2.39
23.2.211.147
23.35.236.201
2600:9000:21f3:a800:1f:4c18:bd40:93a1
2602:803:c003:200::21
2603:c020:400d:3000:385:a458:2098:ba6f
2606:4700:10::ac43:266a
2606:4700:20::681a:bd1
2606:4700:3033::ac43:8a74
2606:4700:4400::6812:2b9e
2606:4700::6813:bb61
2620:1ec:21::14
2a00:1450:4001:82b::2002
2a00:1450:400d:804::2008
2a00:1450:400d:806::200e
2a00:1450:400d:80d::2002
2a02:26f0:10e::6860:5b69
2a02:fa8:8806:13::1370
2a04:4e42:600::300
2a04:4e42::731
2a05:d018:cc3:fe05:c6ce:33c1:7eb8:baae
2a05:d018:d29:3602:2bd9:9049:1377:8ebc
3.120.67.15
3.208.202.151
3.209.243.37
34.235.231.136
34.243.19.114
34.246.74.92
34.247.205.196
34.249.209.209
34.253.68.108
34.98.64.218
35.210.53.219
37.252.171.53
37.252.171.85
38.91.45.7
46.228.164.11
51.75.86.98
52.222.209.55
52.28.194.209
52.28.36.30
52.46.128.147
52.5.92.241
52.58.138.83
52.94.222.140
54.221.12.17
54.243.216.36
64.74.236.127
69.166.1.12
69.173.144.138
69.173.144.139
69.192.160.219
77.245.57.72
80.77.87.166
95.101.23.64
03aa4865cc7915fae0e067d2560cde403ceef2873a31dc210cef8a280b66c73b
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09fcb094d354dbbb24fcc018cab56592eeb14afa302293901f012b298e396171
0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
1a53537e14de571320c27235939e4eabba481cbddcb481e90683af387ffb74b4
1ae8192e83fbb0c1cd48572f9f4fe81f3436cbd85ffb7397c94e59bfe523055d
1b6f191e728ae9ac1abde89afe704175d5364110b8174cff0990878bdb163435
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1de2755153dc9f4991d5dcb0bcce2a2b65d7e6ce32070397fa534719b307f41e
1e5fecb2922066d4438af24cf7f6fcf7d6a5d45850d1805512a04961a0186bf0
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278
2f5e89db61bfdddd699a3e335c8b3834ad5c423241630efbd84231215ef3daf3
32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47
32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
33fa1a864abfad72fec6bfb434ac84382e2216690c838a1139c6d63bb07d5c70
38a48aa40c4250549d94e857f51799512f160e05fe3d4bce0d1b5167ad5bcf00
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
3fa3ba510288667db3d6640024fa2a4b29f88d79a96d36da3fa854103d7f82db
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42f78c87adfa363463a6c1a6bc5a80dbeb1417055cef54ddb781acd6c33de3e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4bce842565120824e5ba275205e5eb50da948bb7fe1e6a55dc414ad7640dacf9
4d195a402297509314a9a38df1b8b94f627550aa13fc34aab675a749694e474e
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
52f2b0b3ebd2111e72bcb744342d64df5ce8cd67bec5f63c4353ed98e26b0e74
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6102da2d165fd177ec0f386f9ca80527f3a372a288c3a02ec103395b91368587
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b6781dd72a1cbe241193f368a262e201b0a36eeebe8df267aea265ee271b284
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
760c39f7487504bfbf04a85cf18e57fc19b1d1cb01f7590de591b76975355a14
761764aa1cf46bc5c58865f838ed41012b516ef10c076c57f6c7b044a9cb6775
7b963bc353a2a6bb9d77f8f50082ebef12fb856622711f05128b3667e3587139
80a105cfda22bd7e95046125b6fcf8d8787d4f508c5cad418a8e9a95b89fde14
81f5051a7706193e4279d279605188a8af93b633d6255c6bb99007e8bca65c15
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
862eff8a57590f8e85dd621b011f688df35f8efea22f441abedef959721cc979
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
8659462051d02c11a0ee6a3fd27dcd5bbc7c8ffe23954381d2e6b5fad5b2043c
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c4a3119f3084a154a562d30b830982c09d3df0a708dbdc406b8a8eee7407fb1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242
a4a76e64934373b1bfa852e9ee080310efe6290d8b20464f71e3a797b27e295b
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
a986162cb6a45ca79f26fcb6a2ed34935c4fe2a348e4527a3a78f4bc730265cb
ad0e541744f676604437a82dbb6da707498b427560f66770bbbf1cc9e0871130
aeef65a43f57774850b0832b3a9fac9c9417b03c75c1e28eb1e5b1da54570f7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37e592fbce3c1b8f5c36b935b365e29652ddc5a411ed1a6352675204c44b8f6
b4dc3266e61914b7bfb859ae3584d80844aa3ae36fda80bc11ff35d554fb1226
b76abca4ceaaf1788e86a4c3f6794567c085cb1b44220876d8953fcc3df0ac06
b7a9fb3b5278c69440600217ca252b7243fb52c37f2b3e3e2684fea55b011402
b980f9cb212d8c5ddaf769642ff595637cfa7bdd37c12349d37d421bd29004e0
bfae189ce74bb534dd50567f3da978f4aae4cd88c18e447cabb2df940027b6c6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c57b246f1cd855d76bb369c7a51311057ea093a6e9aa830837f9ca907877507a
c87c5f31e6467e8c29921a1041c879800169e3ee13b6c417a4f900fc38fbf22a
d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
d815893ea34e5805c4cfb5e497b666f690fa80a5153bb757437bf6bfd3abb47c
d85bf3502eee48df067e8be6d1376892cd46ab9e5d5049ac4c6302e157cd2cff
da2bd0acbb92bd58b815f37d71cb8ece543f640c382bf502adfc22b7ea8feef6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf52e4e1caef4422c1232737a61ab7ec3ff6fe8d853975691afebf272455a6
e76f8b6ac0417d83074bf2648a3a43b23f7967cf87a27a6719671bad4310f21b
e928fd56eb75f5909d953d76a6ec33742a0e9a8cda68205437fa2786b5386752
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02165b5a4e05eceda936e58979a6f5befb2d879486d62f7c6e43060d5c920cf
f08bdefefea6012f58f7790c427222c5bd4f3bfe6b3fb95d68257665c7a08996
f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8
fa105ab6dd5ec350f98f5d8b5862f43def0a0168c2d5b857c13bc224cca42a44

user1.klaymanaria.ga Open in urlscan Pro 2606:4700:3033::ac43:8a74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

162 Requests

76 %HTTPS

24 %IPv6

64 Domains

92 Subdomains

58 IPs

8 Countries

2411 kBTransfer

7469 kBSize

21 Cookies

43 Outgoing links

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

user1.klaymanaria.ga Open in urlscan Pro
2606:4700:3033::ac43:8a74 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

76 %
HTTPS

24 %
IPv6

64
Domains

92
Subdomains

58
IPs

8
Countries

2411 kB
Transfer

7469 kB
Size

21
Cookies

162 HTTP transactions
3 data transactions