pubads.g.doubleclick.net Open in urlscan Pro
172.217.23.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placemen...
Submission: On August 16 via manual (August 16th 2022, 10:34:14 am UTC) from AE — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 22 domains to perform 55 HTTP transactions. The main IP is 172.217.23.98, located in United States and belongs to GOOGLE, US. The main domain is pubads.g.doubleclick.net. The Cisco Umbrella rank of the primary domain is 489.
TLS certificate: Issued by GTS CA 1C3 on July 18th 2022. Valid for: 3 months.

This is the only time pubads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::ac43:44a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1	92.123.21.200 92.123.21.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
55	32

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44a2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	40 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755 bidder.criteo.com — Cisco Umbrella Rank: 732	9 KB
7	openx.net setupad-d.openx.net — Cisco Umbrella Rank: 48859 eu-u.openx.net — Cisco Umbrella Rank: 2047 us-u.openx.net — Cisco Umbrella Rank: 396	2 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 707 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2288	11 KB
5	doubleclick.net 1 redirects pubads.g.doubleclick.net — Cisco Umbrella Rank: 489 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	148 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 acdn.adnxs.com — Cisco Umbrella Rank: 584	20 KB
4	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3659 cm.adform.net — Cisco Umbrella Rank: 1657 c1.adform.net — Cisco Umbrella Rank: 603	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 323	45 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2580 mp.4dex.io — Cisco Umbrella Rank: 3595	24 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 381	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	57 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1443 id5-sync.com — Cisco Umbrella Rank: 541	14 KB
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 40208	1 KB
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 465	771 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 484	990 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1685	338 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1620	17 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951	186 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	29 KB
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 43239	169 KB
55	22

	Domain	Requested by
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c.amazon-adsystem.com	pubads.g.doubleclick.net c.amazon-adsystem.com
4	gum.criteo.com	2 redirects static.criteo.net
3	us-u.openx.net	eu-u.openx.net
3	eu-u.openx.net	stpd.cloud eu-u.openx.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	ib.adnxs.com	1 redirects stpd.cloud acdn.adnxs.com
3	mug.criteo.com	pubads.g.doubleclick.net
2	cm.g.doubleclick.net	1 redirects eu-u.openx.net
2	match.adsrvr.org	2 redirects
2	c1.adform.net	2 redirects
2	static.criteo.net	stpd.cloud static.criteo.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	eus.rubiconproject.com	pubads.g.doubleclick.net eus.rubiconproject.com
2	prebid-stag.setupad.net	stpd.cloud
2	script.4dex.io	stpd.cloud script.4dex.io
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	acdn.adnxs.com	stpd.cloud
1	www.google.com	tpc.googlesyndication.com
1	8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cdn.id5-sync.com	pubads.g.doubleclick.net
1	secure.cdn.fastclick.net	pubads.g.doubleclick.net
1	cm.adform.net	pubads.g.doubleclick.net
1	secure-assets.rubiconproject.com	1 redirects
1	mp.4dex.io	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	adx.adform.net	stpd.cloud
1	www.googletagservices.com	pubads.g.doubleclick.net
1	stpd.cloud	pubads.g.doubleclick.net
1	pubads.g.doubleclick.net
55	39

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.stpd.cloud E1	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Frame ID: 54844E96B2843D03AB9076A1C26819C8
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201020.js
Frame ID: D86DD6CC1EF338198307DD135DDDA12A
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 4BABD4C737F148D8D86CFC0C99D620AA
Requests: 4 HTTP requests in this frame

Frame: https://8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 43AB11A98F6D341013B1525AFCBF72BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7FECA747533161940FD772ADC8C2612
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED482BB6E63C07E9C818490F699CF9F6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pubads.g.doubleclick.net&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: E7EEB7AE99138B674D189A660C388C19
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: 5BFCA772021ABFC255DD54C4D08180C3
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59637EA083DB5DDC8E33C682B52248DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

55
Requests

85 %
HTTPS

41 %
IPv6

22
Domains

39
Subdomains

32
IPs

7
Countries

586 kB
Transfer

1859 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2F&domain=pubads.g.doubleclick.net&gdprString=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2

Request Chain 14

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 44

https://gum.criteo.com/sid/json?origin=publishertag&domain=doubleclick.net&sn=ChromeSyncframe&so=3&topUrl=pubads.g.doubleclick.net&bundle=TXeI9V9kZlU4VTBqRUxkazl6WlJjZUQxdFdXWk5LMUhkNjEwZGNoV05hUCUyRk1qcGdyaFNYV1ByeGpBSlNkRjJhSGg4NzVXZEdvJTJCVSUyQmVrJTJGZXolMkJ5UUo0NTRiWDRaR2NmUUJBOWJFVSUyQkFPRGwlMkZTbVNqTVl6d3JqZk9JTHc0eW91U0dZdHZp&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL015aTZqY0UvN0plTFJodTMxV2pZWjFvaWN4VUN5dEVIcmRIdlR1VFFBNjdNZGw2SWZEd0ZuY3hPM2V6amN3SGdsdzRsRU11Ni9jREhHMnRWWkdSdTNoTVNmbGRKNGJRdmhLVDZpd1paYXJhUnp4SU5QRmNjbFV2Z0JQNzhTZkdabUtRSzNUZVpmMlAwMloreitZa29xOG9JSzc3cTQrY0hVak5MMjZYNXZLaDRDVHI2cHBXZz18&cppv=2

Request Chain 47

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 48

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 49

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&val=l9r29Jba8aOM0KWkkoy9p5WKoaCMi6CgxI3qDdEs

Request Chain 50

https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 51

https://match.adsrvr.org/track/cmf/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request adx Show response
pubads.g.doubleclick.net/gampad/ 53 KB
13 KB 191ms
108ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

80fed5efab484a6e4bb81f61d59751b709971baf2aa7213923e25dfa8d94c3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 12622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:34:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
google-creative-id: 138380025274
google-lineitem-id: 5522449157
google-mediationgroup-id: -2
google-mediationtag-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 stpd201020.js Show response
stpd.cloud/assets/postbid/ Frame D86D 634 KB
169 KB 88ms
35ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201020.js
Requested by: Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d74a6b17d90c292ebd4909c54569f496a0a2150a875f1790af0427be87b19c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: N/0t3WNEoYV17XpDCVfTpg==
age: 3032
x-ms-lease-status: unlocked
last-modified: Tue, 16 Aug 2022 07:42:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8b33c83e-001e-0051-3343-b1621b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 73b9841518029b31-FRA
expires: Tue, 16 Aug 2022 14:34:10 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 59ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2F&domain=pubads.g.doubleclick.net&gdprString=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&cw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pubads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 16 Aug 2022 10:34:09 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1468
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame D86D 159 KB
41 KB 51ms
9ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 16 Aug 2022 09:58:44 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 07:09:46 GMT
server: AmazonS3
age: 2127
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: HsHjPu27MW5_B-VIL04uEkXq2GkbzgAkCLCwWuAsobuWvZeBhNh98g==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D86D 83 KB
29 KB 128ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07dc2e48ef051b38cc4841495a54a57efd4b1b8c12f4dd47af04ebf5dc60b5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28647
x-xss-protection: 0
server: sffe
etag: "1305 / 53 of 1000 / last-modified: 1660645427"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Aug 2022 10:34:10 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame D86D 483 B
937 B 60ms
21ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 682456
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liR1a0wySWCu6SGstRfEdfhK44cv7kEDnL0cwTjkJeKXWODYxYHC%2BY6yX0JTOGSvqt6jDeq3nA8xOa8tPA6gQmwdl2fZekpivKKXJyxM47SiaBo71VQ2Em6R5DAvbHkHkEuGrSvC00lviKfK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73b984163ac59124-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame D86D
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2F&domain=pubads.g.doubleclick.net&gdprString=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1...
https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTW...

355 B
622 B

50ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

931f137892b381f5e18ef6e830332ac811278727317229b93f538890a4cad642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:09 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2748
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:10 GMT
location: https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1670
content-length: 509
expires: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame D86D 593 B
1 KB 74ms
31ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405a317156b0f4353c5c33b5650701bddbe139d63fea5225a04ef81b901ab767

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99KNCkqcJgUdqymJqYElfTrBFzLBvRHhlHcX9Z8dtMqIXaayXYMiunfWW854JIgaVVVfSSUENuqV9%2Fc2%2FSvPynypkhRxtO8HyA%2BBEU7fy3s29sCqPuLAO5JJjAurVsvQyQmz6NhpMZ6Br7ce3RbUDlI9yQym"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73b9841648fd8ff8-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame D86D 111 B
393 B 147ms
105ms XHR
application/json 2606:4700:20::ac43:44a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3edcc6bffa12dac9481723e91a86f8946bf9ddea5eaa902f5e69ff773d7049d

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olgaq4UKyeRSlPDjJyhCQrgEZ1ErKjq1aJ%2F0q7fyJVDHl7ZUCLK1BCugzxtnnyjsStqpgcN2G4VXSC8rTeOnZSD1f3hv2XTalVyB6fgWOyp6SW3TEuwV3KuncVLcD%2BfqDVj9RA1baNEuone1SsavIs01BVpG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73b9841648fe8ff8-FRA
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame D86D 5 B
491 B 163ms
57ms XHR
application/json 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTkxMTA4MiZ0cmFuc2FjdGlvbklkPWUyMzU2OGQ4LTZmOTctNDljMi05NDgyLWE4YzkxYmQ4Yjc4OA%3D%3D&pt=gross&stid=c2f45a2a-255c-44eb-aa9f-fd05ad5ef0ee&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&eids=eyJwdWJjaWQub3JnIjp7ImUzYTI2OGYyLTRjOWEtNDNlZC05MDdkLTk2ZTRkNDczMmM1OCI6WzFdfX0%3D&fd=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://pubads.g.doubleclick.net
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame D86D 0
186 B 60ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pubads.g.doubleclick.net
date: Tue, 16 Aug 2022 10:34:10 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame D86D 512 B
863 B 170ms
66ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e23568d8-6f97-49c2-9482-a8c91bd8b788&nocache=1660646050243&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&x_gdpr_f=1&pubcid=e3a268f2-4c9a-43ed-907d-96e4d4732c58&schain=1.0%2C1!setupad.com%2C694%2C1%2C%2C%2C&aus=300x250%2C250x250%2C300x200&divIds=div-custom-ad-1660646050042-0&auid=543832203
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 427b4e0091d5da681d2e38855c52284d864a4e556b2ea972eb2e879bb5cd1bba

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 431
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D86D 48 B
751 B 66ms
16ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 10:34:10 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8a5c488c-32c2-4274-be26-9f44b8c2307f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pubads.g.doubleclick.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D86D 0
226 B 86ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.12.0-pre&cb=5617424672

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://pubads.g.doubleclick.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 prebid Show response
mp.4dex.io/ Frame D86D 0
344 B 98ms
45ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73b984166b399119-FRA
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
expires: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4BAB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

101ms
30ms

Document
text/html

92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 16 Aug 2022 10:34:10 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 16 Aug 2022 10:34:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame D86D 662 B
1019 B 102ms
102ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpubads.g.doubleclick.net&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 662
x-amz-cf-id: VpgdhyQZTx6pNSxIeQD5PIkoTfMtyRIj5gamC5v27ztPAzQTGL26AQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D86D 6 KB
3 KB 26ms
8ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 44078
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
date: Mon, 15 Aug 2022 22:19:33 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 9RAmtyb4lDSjXFyk4hmWHPC4787w6Ar2ZHm2HYslNAizW9GAAfAqOg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame D86D 23 B
498 B 326ms
326ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&pid=jBORFGbmY0vBn&cb=0&ws=300x150&v=22.8.42053&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1660646050042-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x200%22%5D%2C%22sn%22%3A%22%2F147246189%2C22676409927%2Fittutorial.org_300x250_desktop_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 4YGJN7MRJQNJM13684B3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pubads.g.doubleclick.net
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dHmOAYeaZDQAPQoanTXYYd4mpZWyVhfiGn_E2G6EfBPVVJacxcG_Ow==

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame D86D 72 KB
23 KB 76ms
30ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2549662
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx5975063cf48843689a3f5-0062a04ded
x-amz-id-2: tx5975063cf48843689a3f5-0062a04ded
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYuBoPZmLCqXvY46T0a58m5u0YRfYhaIQXehMKLsG9vF3fDs2fd7AE08%2BItevaNC%2BvFO1Ct1Hb0D4T73S%2BIN%2Fvrzu5C9m2miHHv%2FjKRMV8hONwWKz4buLNwdd7n7PtL0XTC8UjWyuIuduYPB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 73b98416b8fd9bdd-FRA
access-control-allow-headers: Authorization

GET
H2 200 cookie
cm.adform.net/ Frame D86D 43 B
106 B 105ms
32ms Image
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DCPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA%26uid%3D%24UID
Requested by: Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
server: nginx
content-length: 43
content-type: image/gif

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 155ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 16 Aug 2022 10:34:10 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 431013
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pubads_impl_2022081101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D86D 388 KB
133 KB 46ms
45ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

sffe /

Resource Hash

48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135472
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:35:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Aug 2023 09:43:15 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame D86D 53 KB
17 KB 114ms
45ms Script
application/javascript 92.123.21.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-21-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 16 Aug 2022 10:49:10 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame D86D 42 KB
12 KB 76ms
25ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 2614
x-amz-server-side-encryption: AES256
x-amz-request-id: TVF7RG792QAVQG2J
x-amz-id-2: Sa7zQc+7lNe7PDjLyrJqJF+9hSqYqI/QCk7CiAO/0GaOgRmSRmsJjzFhr/u0s4ljezxmHfR5Cos=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73b9841768429152-FRA

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4BAB 31 KB
10 KB 50ms
50ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 10:34:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55057
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Wed, 17 Aug 2022 01:51:47 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4BAB 284 B
536 B 50ms
11ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame D86D 33 B
338 B 37ms
7ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533568.ip-162-19-138.eu
Software: /
Resource Hash: 84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pubads.g.doubleclick.net
date: Tue, 16 Aug 2022 10:34:09 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4BAB 0
239 B 90ms
16ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame D86D 1 KB
2 KB 43ms
14ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

db06041dea008e6b66eeaca634b1cf6564a92d545429e58c57eb7dda69887bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://pubads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Aug 2022 10:34:09 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://pubads.g.doubleclick.net
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D86D 107 B
792 B 164ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pubads.g.doubleclick.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D86D 107 B
549 B 144ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pubads.g.doubleclick.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D86D 768 B
855 B 86ms
85ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=90169699551439&correlator=1047561848925504&eid=31068458%2C31068926%2C44764001&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&iu_parts=147246189%3A22676409927%2Cittutorial.org_300x250_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C300x200&ifi=1&adks=2727761863&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie_enabled=1&cdm=pubads.g.doubleclick.net&abxe=1&dt=1660646050646&lmt=1660646050&dlt=1660646050029&idt=518&adxs=8&adys=83&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=3ygq47ebcwrg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&top=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1678920322.1660646051&ga_sid=1660646051&ga_hid=544878410&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

fd84be852a40b634df82b92f88caf6c7c54e99f7b8bc6cd23d913416186e52b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 472
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pubads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D86D 14 KB
11 KB 190ms
92ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40153f0a7279f4048116e6d26c9dffa6e1cb2e0df3c13217c8aa4e228b66024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Aug 2022 10:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11094
x-xss-protection: 0

GET
H2 200 container.html Show response
8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43AB 6 KB
4 KB 214ms
48ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:34:10 GMT
expires: Wed, 16 Aug 2023 10:34:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D86D 17 KB
7 KB 190ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 10:34:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7FE 13 KB
5 KB 140ms
57ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 09:31:01 GMT
expires: Wed, 16 Aug 2023 09:31:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED48 783 B
1 KB 217ms
131ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18c3e3025309509cf3d55caf80fb178a4801f855845fc3a2e458961e52646fe8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h3LIlqQeBi67zYZsJYrYyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-h3LIlqQeBi67zYZsJYrYyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:34:11 GMT
expires: Tue, 16 Aug 2022 10:34:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame D7FE 36 KB
14 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:34:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED48 0
0 82ms
74ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081101&jk=90169699551439&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7FE 0
10 B 65ms
64ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7QV5Nw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D86D 0
0 76ms
76ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081101&jk=90169699551439&bg=!BgWlBUHNAAa4hXTbmIU7ACkAdvg8WkjcTjgG02_bhtSqQib0cL2Z4C-hAhAjOBhCyOFSzJtnqC2D6AIAAABLUgAAAAJoAQeZAvr8nEPByVGaEswAIwnQaFYhkS5SmvKi5m5LlNRbm6fXBwKuBB0NJ1RkMEF38BXPVMbtjkgXpmVz8vJTVaeYrkyG4bw3ZaXdY2ZArSQ4XYyOQFObQ3REGrkNHPuFP9MqMXTuI6sHWBDzFVsGpF5pjdeJIS_krX41MUToAhIWLLs9zi3eiSutAoGihCzt57RFqDlkMY3-S3erN0CrDqFPA3FUc0QBcQpLdqTlJC4_jmDudll9d1dzPdqDdC7-feGc8-PBBWD7XM8A953Wab_pNXgg6XiHnZfS04y9xJlrQmKTq7Ku37kRkG9ZRG_aSiAKjGXDnN0jV5p6CAIxnBccS6-H9ksbjhW9UAkYr0N2yG-PdxDxUyeFApX0UzMbGib2ULZvPYNCWlcD3QVOpLaPFFfVbsiJBK7f1aw1CbZm8yfq0b3Lw7UHb9nwdWf6v4LswtecPleY3mTQ8LZMeh-rRkLn-175KIwvJqbND1ynhU9nQgO9StU2KCoOmUyETgngE2EnlQaKTEdxxEIlttS1Ht8uY4GCtMIHRPwNQdRbYPjfxi_IINFDL_DXuqWvUcYpsxdemLB451e9fw6J4V9I39Lbkopv5NIDlo4peuFhPD53Di-AZMRtKd0Bd8O11cfUoJ3GXl1D0xHLR_nfQahIM2BoNgzYswT1ro48fZc6oq8gJNTWv1qv5hsfL97QM0zLh0SjwxBia6QjSBjgqs-ZUb03IyuLovV4dX3L_Gkzu3t_VeuLtwZW9BhpqN5OpioBa5B3me9NqXC90xoH8UWaO2w6BdWMuFuICGWKgQx46O9pPi3vrABIE-g5gUBai3vKRq88VTj7QsUt5vK2meeLZkk2LarHUu83QPNA2e83OExHu4Spm0RYjh_vm29DCEVQKWG_j0yx9tM1-Gdi__vXm4FOZOaBpHlQUxj-jLc54fdcbCYxhYEJ9wxn_T_6HgPjxJ0Cov1ma9dXZoG4GWQgfBjY_5X4U8pYJu3tQVKLs0Gty05_jZNpWBLNEi8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame D86D 87 KB
29 KB 47ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:13 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:45 GMT
server: nginx
etag: W/"62fb454d-15cfe"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 Aug 2022 10:34:13 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E7EE 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pubads.g.doubleclick.net&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:34:12 GMT
server-processing-duration-in-ticks: 2518
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame D86D 87 KB
28 KB 93ms
64ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pubads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:34:13 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 Aug 2022 10:34:13 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E7EE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=doubleclick.net&sn=ChromeSyncframe&so=3&topUrl=pubads.g.doubleclick.net&bundle=TXeI9V9kZlU4VTBqRUxkazl6WlJjZUQxdFdXWk5LMUhkNjEwZGNoV05hUCU...
https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL0...

438 B
632 B

18ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL015aTZqY0UvN0plTFJodTMxV2pZWjFvaWN4VUN5dEVIcmRIdlR1VFFBNjdNZGw2SWZEd0ZuY3hPM2V6amN3SGdsdzRsRU11Ni9jREhHMnRWWkdSdTNoTVNmbGRKNGJRdmhLVDZpd1paYXJhUnp4SU5QRmNjbFV2Z0JQNzhTZkdabUtRSzNUZVpmMlAwMloreitZa29xOG9JSzc3cTQrY0hVak5MMjZYNXZLaDRDVHI2cHBXZz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

50ef75de4a78bdea9082784718bbe8acd8d6224e596282922381969b6ace6459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4557
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:12 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL015aTZqY0UvN0plTFJodTMxV2pZWjFvaWN4VUN5dEVIcmRIdlR1VFFBNjdNZGw2SWZEd0ZuY3hPM2V6amN3SGdsdzRsRU11Ni9jREhHMnRWWkdSdTNoTVNmbGRKNGJRdmhLVDZpd1paYXJhUnp4SU5QRmNjbFV2Z0JQNzhTZkdabUtRSzNUZVpmMlAwMloreitZa29xOG9JSzc3cTQrY0hVak5MMjZYNXZLaDRDVHI2cHBXZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1537
content-length: 567
expires: 0

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5BFC 3 KB
1011 B 48ms
42ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 85501392f9fc1f22fb90d1062e9d1ec37e3937b3ba5c6f25fe231b1e411bedfc

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 700
content-type: text/html
date: Tue, 16 Aug 2022 10:34:13 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5963 52 KB
17 KB 34ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 21157
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 16 Aug 2022 10:34:13 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 343807
X-Served-By: cache-lga21945-LGA, cache-hhn4075-HHN
X-Timer: S1660646053.451447,VS0,VE0

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 5963
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
819 B

10ms
10ms

Script
text/html

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 10:34:13 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9d8c5b19-6231-4684-be1e-7783b8d0b347
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 10:34:13 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 075ab2fd-03e5-4f8a-91ec-0b0dce30f48e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9f...
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX...

43 B
61 B

41ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 16 Aug 2022 10:34:13 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 Aug 2022 10:34:12 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFc...
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNK...

43 B
122 B

50ms
44ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&val=l9r29Jba8aOM0KWkkoy9p5WKoaCMi6CgxI3qDdEs
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&val=l9r29Jba8aOM0KWkkoy9p5WKoaCMi6CgxI3qDdEs
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMY...
https://c1.adform.net/serving/cookie/match?CC=1&party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF...
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdl...

43 B
61 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4Ji...
https://match.adsrvr.org/track/cmb/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4Ji...
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb...

43 B
62 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 985

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5BFC 170 B
502 B 162ms
54ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWM2MTg0NjEtMmM2YS0yMmJlLWRmNGItMDRiNTdhYjZkMWM1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBA...
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2...

43 B
61 B

45ms
44ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:34:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pubads.g.doubleclick.net/	1970-01-20 06:00:38	Name: _pbjs_userid_consent_data Value: 8082702947762165
.doubleclick.net/	1970-01-20 14:03:02	Name: _pubcid Value: e3a268f2-4c9a-43ed-907d-96e4d4732c58
.openx.net/	1970-01-20 14:03:02	Name: i Value: e3a268f2-4c9a-43ed-907d-96e4d4732c58\|1660646050
pubads.g.doubleclick.net/	1970-01-20 14:39:02	Name: cto_bidid Value: pleSvF9ucUZtRDJReTVPa2x5d1FoQUJZTmloc1h3MlBHMHFNckxTRktZM1VLTmcwZVh3cTNHTHVzQ3MlMkZidmVvb1p4dnJDOTVRSVNhME5rckgyZkglMkY5UXl6eUElM0QlM0Q
pubads.g.doubleclick.net/	1970-01-20 14:39:02	Name: cto_bundle Value: TXeI9V9kZlU4VTBqRUxkazl6WlJjZUQxdFdXWk5LMUhkNjEwZGNoV05hUCUyRk1qcGdyaFNYV1ByeGpBSlNkRjJhSGg4NzVXZEdvJTJCVSUyQmVrJTJGZXolMkJ5UUo0NTRiWDRaR2NmUUJBOWJFVSUyQkFPRGwlMkZTbVNqTVl6d3JqZk9JTHc0eW91U0dZdHZp
.id5-sync.com/	1970-01-20 07:27:02	Name: id5 Value: d9c5e1f4-3e38-4431-bdde-e3128d2efcaa#1660646050576#1
.doubleclick.net/	1970-01-20 14:39:02	Name: IDE Value: AHWqTUlHx7Y75NMRJdn4mIplrtc7Dot_33z6M-rW5q8lkasG3B9wOz73MLPZwOdmqBM
.doubleclick.net/	1970-01-20 14:39:02	Name: __gads Value: ID=64e489258593978a:T=1660646050:S=ALNI_MYA7tqe4NV1ZJHhTvVZaYtD_HMpXg
.criteo.com/	1970-01-20 14:39:02	Name: uid Value: d03b2233-cf0d-4338-8d99-a3a9ff450b76
.doubleclick.net/	1970-01-20 14:39:02	Name: cto_bundle Value: 9GCHOF9kZlU4VTBqRUxkazl6WlJjZUQxdFdmdlc5aVZyRUNvQzR2Y1V6JTJGeWUlMkZjaG01VCUyRlNLRWMlMkZwOElraThSbUk2b1RadERqam45aXdCS0dma2hJbUNBOHA4VXhMOSUyQkZUQUxFSFBQanBEZzFjMkdieWVEMUUlMkJxUGxmbUc4ZUpFdDZIU0l6S0VmdWc2Y0hwUVRORk50d0Nwb0ElM0QlM0Q
.g.doubleclick.net/	1970-01-20 14:39:02	Name: cto_bundle Value: 9GCHOF9kZlU4VTBqRUxkazl6WlJjZUQxdFdmdlc5aVZyRUNvQzR2Y1V6JTJGeWUlMkZjaG01VCUyRlNLRWMlMkZwOElraThSbUk2b1RadERqam45aXdCS0dma2hJbUNBOHA4VXhMOSUyQkZUQUxFSFBQanBEZzFjMkdieWVEMUUlMkJxUGxmbUc4ZUpFdDZIU0l6S0VmdWc2Y0hwUVRORk50d0Nwb0ElM0QlM0Q
.pubads.g.doubleclick.net/	1970-01-20 14:39:02	Name: cto_bundle Value: 9GCHOF9kZlU4VTBqRUxkazl6WlJjZUQxdFdmdlc5aVZyRUNvQzR2Y1V6JTJGeWUlMkZjaG01VCUyRlNLRWMlMkZwOElraThSbUk2b1RadERqam45aXdCS0dma2hJbUNBOHA4VXhMOSUyQkZUQUxFSFBQanBEZzFjMkdieWVEMUUlMkJxUGxmbUc4ZUpFdDZIU0l6S0VmdWc2Y0hwUVRORk50d0Nwb0ElM0QlM0Q
.openx.net/	1970-01-20 05:39:02	Name: pd Value: v2\|1660646053\|gekin0vNiygu
.adnxs.com/	1970-01-20 07:27:02	Name: uuid2 Value: 6526295300255151841
.quantserve.com/	1970-01-20 07:27:02	Name: d Value: EMMBDAHvJoqsMA
.quantserve.com/	1970-01-20 14:47:40	Name: mc Value: 62fb72a5-8523d-14b16-c06ee
.mathtag.com/	1970-01-20 14:43:21	Name: uuid Value: e3c662fb-72a5-4600-8249-ec111e922625
.adsrvr.org/	1970-01-20 14:03:02	Name: TDID Value: ec6fa106-cd16-4d1f-b42e-9f106b0ca811
.adform.net/	1970-01-20 06:02:04	Name: C Value: 1
.adsrvr.org/	1970-01-20 14:03:02	Name: TDCPM Value: CAEYBSABKAIyCwiinZuAs9__OhAFOAE.
.adform.net/	1970-01-20 06:43:50	Name: uid Value: 8439135425576173331
.openx.net/	1970-01-20 05:39:02	Name: univ_id Value: 537072971\|ec6fa106-cd16-4d1f-b42e-9f106b0ca811\|1660646053625786

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.id5-sync.com
cm.adform.net
cm.g.doubleclick.net
eu-u.openx.net
eus.rubiconproject.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
script.4dex.io
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
static.criteo.net
stpd.cloud
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
www.google.com
www.googletagservices.com
141.95.98.66
151.101.129.108
162.19.138.117
172.217.16.194
172.217.23.98
178.250.0.157
178.250.0.165
185.184.8.90
185.29.132.245
23.75.240.210
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700:20::ac43:44a2
2606:4700::6812:1f31
2606:4700::6812:272
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a02:2638:1::3
2a02:2638::1c
3.33.220.150
34.98.64.218
35.244.159.8
37.157.3.28
37.157.3.29
37.157.3.30
37.252.172.250
52.222.209.55
69.173.144.138
69.173.144.165
92.123.21.200
92.123.9.160
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07dc2e48ef051b38cc4841495a54a57efd4b1b8c12f4dd47af04ebf5dc60b5ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
18c3e3025309509cf3d55caf80fb178a4801f855845fc3a2e458961e52646fe8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405a317156b0f4353c5c33b5650701bddbe139d63fea5225a04ef81b901ab767
427b4e0091d5da681d2e38855c52284d864a4e556b2ea972eb2e879bb5cd1bba
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
50ef75de4a78bdea9082784718bbe8acd8d6224e596282922381969b6ace6459
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
80fed5efab484a6e4bb81f61d59751b709971baf2aa7213923e25dfa8d94c3f2
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5
85501392f9fc1f22fb90d1062e9d1ec37e3937b3ba5c6f25fe231b1e411bedfc
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
931f137892b381f5e18ef6e830332ac811278727317229b93f538890a4cad642
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d
a3edcc6bffa12dac9481723e91a86f8946bf9ddea5eaa902f5e69ff773d7049d
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
d40153f0a7279f4048116e6d26c9dffa6e1cb2e0df3c13217c8aa4e228b66024
d74a6b17d90c292ebd4909c54569f496a0a2150a875f1790af0427be87b19c98
db06041dea008e6b66eeaca634b1cf6564a92d545429e58c57eb7dda69887bcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
fd84be852a40b634df82b92f88caf6c7c54e99f7b8bc6cd23d913416186e52b5

pubads.g.doubleclick.net Open in urlscan Pro 172.217.23.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

85 %HTTPS

41 %IPv6

22 Domains

39 Subdomains

32 IPs

7 Countries

586 kBTransfer

1859 kBSize

22 Cookies

0 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pubads.g.doubleclick.net Open in urlscan Pro
172.217.23.98 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

85 %
HTTPS

41 %
IPv6

22
Domains

39
Subdomains

32
IPs

7
Countries

586 kB
Transfer

1859 kB
Size

22
Cookies

55 HTTP transactions
0 data transactions