URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placemen...
Submission: On August 16 via manual from AE — Scanned from DE

Summary

This website contacted 32 IPs in 7 countries across 22 domains to perform 55 HTTP transactions. The main IP is 172.217.23.98, located in United States and belongs to GOOGLE, US. The main domain is pubads.g.doubleclick.net. The Cisco Umbrella rank of the primary domain is 489.
TLS certificate: Issued by GTS CA 1C3 on July 18th 2022. Valid for: 3 months.
This is the only time pubads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.217.23.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
4 52.222.209.55 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 37.157.3.29 198622 (ADFORM)
1 185.184.8.90 204995 (RTB-HOUSE...)
3 35.244.159.8 15169 (GOOGLE)
1 3 37.252.172.250 29990 (ASN-APPNEX)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 23.75.240.210 16625 (AKAMAI-AS)
2 92.123.9.160 16625 (AKAMAI-AS)
1 37.157.3.28 198622 (ADFORM)
1 92.123.21.200 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 69.173.144.138 26667 (RUBICONPR...)
1 162.19.138.117 16276 (OVH)
1 69.173.144.165 26667 (RUBICONPR...)
1 141.95.98.66 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 151.101.129.108 54113 (FASTLY)
1 1 185.29.132.245 30419 (MEDIAMATH...)
4 34.98.64.218 15169 (GOOGLE)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2 37.157.3.30 198622 (ADFORM)
2 2 3.33.220.150 16509 (AMAZON-02)
1 2 172.217.16.194 15169 (GOOGLE)
55 32
Apex Domain
Subdomains
Transfer
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
40 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
bidder.criteo.com — Cisco Umbrella Rank: 732
9 KB
7 openx.net
setupad-d.openx.net — Cisco Umbrella Rank: 48859
eu-u.openx.net — Cisco Umbrella Rank: 2047
us-u.openx.net — Cisco Umbrella Rank: 396
2 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1040
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 707
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2288
11 KB
5 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 489
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
148 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com — Cisco Umbrella Rank: 584
20 KB
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 3659
cm.adform.net — Cisco Umbrella Rank: 1657
c1.adform.net — Cisco Umbrella Rank: 603
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
45 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2580
mp.4dex.io — Cisco Umbrella Rank: 3595
24 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
57 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1443
id5-sync.com — Cisco Umbrella Rank: 541
14 KB
2 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 40208
1 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 465
771 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
990 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
792 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1685
338 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1620
17 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951
186 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
29 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 43239
169 KB
55 22
Domain Requested by
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 c.amazon-adsystem.com pubads.g.doubleclick.net
c.amazon-adsystem.com
4 gum.criteo.com 2 redirects static.criteo.net
3 us-u.openx.net eu-u.openx.net
3 eu-u.openx.net stpd.cloud
eu-u.openx.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 ib.adnxs.com 1 redirects stpd.cloud
acdn.adnxs.com
3 mug.criteo.com pubads.g.doubleclick.net
2 cm.g.doubleclick.net 1 redirects eu-u.openx.net
2 match.adsrvr.org 2 redirects
2 c1.adform.net 2 redirects
2 static.criteo.net stpd.cloud
static.criteo.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 eus.rubiconproject.com pubads.g.doubleclick.net
eus.rubiconproject.com
2 prebid-stag.setupad.net stpd.cloud
2 script.4dex.io stpd.cloud
script.4dex.io
1 pixel.quantserve.com 1 redirects
1 sync.mathtag.com 1 redirects
1 acdn.adnxs.com stpd.cloud
1 www.google.com tpc.googlesyndication.com
1 8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cdn.id5-sync.com pubads.g.doubleclick.net
1 secure.cdn.fastclick.net pubads.g.doubleclick.net
1 cm.adform.net pubads.g.doubleclick.net
1 secure-assets.rubiconproject.com 1 redirects
1 mp.4dex.io stpd.cloud
1 bidder.criteo.com stpd.cloud
1 setupad-d.openx.net stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 adx.adform.net stpd.cloud
1 www.googletagservices.com pubads.g.doubleclick.net
1 stpd.cloud pubads.g.doubleclick.net
1 pubads.g.doubleclick.net
55 39

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.stpd.cloud
E1
2022-07-02 -
2022-09-30
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-07 -
2023-06-06
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA
2022-01-15 -
2023-01-17
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-06-01 -
2022-08-30
3 months crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
*.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh

This page contains 9 frames:

Primary Page: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Frame ID: 54844E96B2843D03AB9076A1C26819C8
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201020.js
Frame ID: D86DD6CC1EF338198307DD135DDDA12A
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 4BABD4C737F148D8D86CFC0C99D620AA
Requests: 4 HTTP requests in this frame

Frame: https://8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 43AB11A98F6D341013B1525AFCBF72BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7FECA747533161940FD772ADC8C2612
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED482BB6E63C07E9C818490F699CF9F6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pubads.g.doubleclick.net&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: E7EEB7AE99138B674D189A660C388C19
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: 5BFCA772021ABFC255DD54C4D08180C3
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59637EA083DB5DDC8E33C682B52248DA
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

55
Requests

85 %
HTTPS

41 %
IPv6

22
Domains

39
Subdomains

32
IPs

7
Countries

586 kB
Transfer

1859 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2F&domain=pubads.g.doubleclick.net&gdprString=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2
Request Chain 14
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 44
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=doubleclick.net&sn=ChromeSyncframe&so=3&topUrl=pubads.g.doubleclick.net&bundle=TXeI9V9kZlU4VTBqRUxkazl6WlJjZUQxdFdXWk5LMUhkNjEwZGNoV05hUCUyRk1qcGdyaFNYV1ByeGpBSlNkRjJhSGg4NzVXZEdvJTJCVSUyQmVrJTJGZXolMkJ5UUo0NTRiWDRaR2NmUUJBOWJFVSUyQkFPRGwlMkZTbVNqTVl6d3JqZk9JTHc0eW91U0dZdHZp&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL015aTZqY0UvN0plTFJodTMxV2pZWjFvaWN4VUN5dEVIcmRIdlR1VFFBNjdNZGw2SWZEd0ZuY3hPM2V6amN3SGdsdzRsRU11Ni9jREhHMnRWWkdSdTNoTVNmbGRKNGJRdmhLVDZpd1paYXJhUnp4SU5QRmNjbFV2Z0JQNzhTZkdabUtRSzNUZVpmMlAwMloreitZa29xOG9JSzc3cTQrY0hVak5MMjZYNXZLaDRDVHI2cHBXZz18&cppv=2
Request Chain 47
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 48
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Request Chain 49
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&val=l9r29Jba8aOM0KWkkoy9p5WKoaCMi6CgxI3qDdEs
Request Chain 50
  • https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Request Chain 51
  • https://match.adsrvr.org/track/cmf/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Request Chain 53
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request adx
pubads.g.doubleclick.net/gampad/
53 KB
13 KB
Document
General
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
80fed5efab484a6e4bb81f61d59751b709971baf2aa7213923e25dfa8d94c3f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
12622
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 10:34:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
google-creative-id
138380025274
google-lineitem-id
5522449157
google-mediationgroup-id
-2
google-mediationtag-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
stpd201020.js
stpd.cloud/assets/postbid/ Frame D86D
634 KB
169 KB
Script
General
Full URL
https://stpd.cloud/assets/postbid/stpd201020.js
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74a6b17d90c292ebd4909c54569f496a0a2150a875f1790af0427be87b19c98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
N/0t3WNEoYV17XpDCVfTpg==
age
3032
x-ms-lease-status
unlocked
last-modified
Tue, 16 Aug 2022 07:42:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8b33c83e-001e-0051-3343-b1621b000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
73b9841518029b31-FRA
expires
Tue, 16 Aug 2022 14:34:10 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2F&domain=pubads.g.doubleclick.net&gdprString=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&cw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pubads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 16 Aug 2022 10:34:09 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1468
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame D86D
159 KB
41 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 16 Aug 2022 09:58:44 GMT
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified
Tue, 16 Aug 2022 07:09:46 GMT
server
AmazonS3
age
2127
etag
W/"52a6bc60961c702869c58b9d159c8e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
content-encoding
gzip
x-amz-cf-id
HsHjPu27MW5_B-VIL04uEkXq2GkbzgAkCLCwWuAsobuWvZeBhNh98g==
gpt.js
www.googletagservices.com/tag/js/ Frame D86D
83 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07dc2e48ef051b38cc4841495a54a57efd4b1b8c12f4dd47af04ebf5dc60b5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28647
x-xss-protection
0
server
sffe
etag
"1305 / 53 of 1000 / last-modified: 1660645427"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 16 Aug 2022 10:34:10 GMT
localstore.js
script.4dex.io/ Frame D86D
483 B
937 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
682456
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liR1a0wySWCu6SGstRfEdfhK44cv7kEDnL0cwTjkJeKXWODYxYHC%2BY6yX0JTOGSvqt6jDeq3nA8xOa8tPA6gQmwdl2fZekpivKKXJyxM47SiaBo71VQ2Em6R5DAvbHkHkEuGrSvC00lviKfK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
73b984163ac59124-FRA
sid
mug.criteo.com/ Frame D86D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2F&domain=pubads.g.doubleclick.net&gdprString=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1...
  • https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTW...
355 B
622 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
931f137892b381f5e18ef6e830332ac811278727317229b93f538890a4cad642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:09 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2748
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:10 GMT
location
https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1670
content-length
509
expires
0
cookie_sync
prebid-stag.setupad.net/ Frame D86D
593 B
1 KB
XHR
General
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405a317156b0f4353c5c33b5650701bddbe139d63fea5225a04ef81b901ab767

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99KNCkqcJgUdqymJqYElfTrBFzLBvRHhlHcX9Z8dtMqIXaayXYMiunfWW854JIgaVVVfSSUENuqV9%2Fc2%2FSvPynypkhRxtO8HyA%2BBEU7fy3s29sCqPuLAO5JJjAurVsvQyQmz6NhpMZ6Br7ce3RbUDlI9yQym"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73b9841648fd8ff8-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame D86D
111 B
393 B
XHR
General
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3edcc6bffa12dac9481723e91a86f8946bf9ddea5eaa902f5e69ff773d7049d

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olgaq4UKyeRSlPDjJyhCQrgEZ1ErKjq1aJ%2F0q7fyJVDHl7ZUCLK1BCugzxtnnyjsStqpgcN2G4VXSC8rTeOnZSD1f3hv2XTalVyB6fgWOyp6SW3TEuwV3KuncVLcD%2BfqDVj9RA1baNEuone1SsavIs01BVpG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73b9841648fe8ff8-FRA
expires
0
/
adx.adform.net/adx/ Frame D86D
5 B
491 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTkxMTA4MiZ0cmFuc2FjdGlvbklkPWUyMzU2OGQ4LTZmOTctNDljMi05NDgyLWE4YzkxYmQ4Yjc4OA%3D%3D&pt=gross&stid=c2f45a2a-255c-44eb-aa9f-fd05ad5ef0ee&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&eids=eyJwdWJjaWQub3JnIjp7ImUzYTI2OGYyLTRjOWEtNDNlZC05MDdkLTk2ZTRkNDczMmM1OCI6WzFdfX0%3D&fd=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://pubads.g.doubleclick.net
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D86D
0
186 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pubads.g.doubleclick.net
date
Tue, 16 Aug 2022 10:34:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
arj
setupad-d.openx.net/w/1.0/ Frame D86D
512 B
863 B
XHR
General
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e23568d8-6f97-49c2-9482-a8c91bd8b788&nocache=1660646050243&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&x_gdpr_f=1&pubcid=e3a268f2-4c9a-43ed-907d-96e4d4732c58&schain=1.0%2C1!setupad.com%2C694%2C1%2C%2C%2C&aus=300x250%2C250x250%2C300x200&divIds=div-custom-ad-1660646050042-0&auid=543832203
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
427b4e0091d5da681d2e38855c52284d864a4e556b2ea972eb2e879bb5cd1bba

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
431
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D86D
48 B
751 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 10:34:10 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a5c488c-32c2-4274-be26-9f44b8c2307f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pubads.g.doubleclick.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
48
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame D86D
0
226 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.12.0-pre&cb=5617424672
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://pubads.g.doubleclick.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
mp.4dex.io/ Frame D86D
0
344 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
73b984166b399119-FRA
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
expires
0
usync.html
eus.rubiconproject.com/ Frame 4BAB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Aug 2022 10:34:10 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 16 Aug 2022 10:34:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
config
c.amazon-adsystem.com/cdn/prod/ Frame D86D
662 B
1019 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpubads.g.doubleclick.net&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
662
x-amz-cf-id
VpgdhyQZTx6pNSxIeQD5PIkoTfMtyRIj5gamC5v27ztPAzQTGL26AQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D86D
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
44078
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
date
Mon, 15 Aug 2022 22:19:33 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
9RAmtyb4lDSjXFyk4hmWHPC4787w6Ar2ZHm2HYslNAizW9GAAfAqOg==
bid
c.amazon-adsystem.com/e/dtb/ Frame D86D
23 B
498 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&pid=jBORFGbmY0vBn&cb=0&ws=300x150&v=22.8.42053&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1660646050042-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x200%22%5D%2C%22sn%22%3A%22%2F147246189%2C22676409927%2Fittutorial.org_300x250_desktop_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
4YGJN7MRJQNJM13684B3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://pubads.g.doubleclick.net
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
dHmOAYeaZDQAPQoanTXYYd4mpZWyVhfiGn_E2G6EfBPVVJacxcG_Ow==
adagio.js
script.4dex.io/ Frame D86D
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2549662
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx5975063cf48843689a3f5-0062a04ded
x-amz-id-2
tx5975063cf48843689a3f5-0062a04ded
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYuBoPZmLCqXvY46T0a58m5u0YRfYhaIQXehMKLsG9vF3fDs2fd7AE08%2BItevaNC%2BvFO1Ct1Hb0D4T73S%2BIN%2Fvrzu5C9m2miHHv%2FjKRMV8hONwWKz4buLNwdd7n7PtL0XTC8UjWyuIuduYPB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
73b98416b8fd9bdd-FRA
access-control-allow-headers
Authorization
cookie
cm.adform.net/ Frame D86D
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DCPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA%26uid%3D%24UID
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
server
nginx
content-length
43
content-type
image/gif
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=uenr7XxUR0MxVEo2Rm9hN0R5Tyt6RFRXOXNpZExVU2FzbEphVDNZWGprMm9HbHo4OUxGUUFmakVPNGZUSjdlZ3ZMNnFvTGJ5T0lDK25wYTBUYTFERmV2Mk9OK29ZN3VkOHRJRUR1QzhHdGczRy9IcjRVSTNWc1hYc2dMTWQxQkQ5K2FRU0tKaS9DSDRSMFUvQnVDcWJOSjFzUEFXaFNXb0tqZyt5dXRsdGRyTzljK3JUdnFXQ2JwVGs5VzNKd0FkMjgrQTZFeTlNUGhYQ3EwNlVUNXdaQllXdTZIVFp5VGtsdVJ6S3A2OW94N2FNVVU0MEkvclhHeDUvQlBpcHQ5alVhVndOfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 16 Aug 2022 10:34:10 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
431013
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl_2022081101.js
securepubads.g.doubleclick.net/gpt/ Frame D86D
388 KB
133 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 09:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135472
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 08:35:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Aug 2023 09:43:15 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame D86D
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Tue, 16 Aug 2022 10:49:10 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame D86D
42 KB
12 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22676409927/ittutorial.org_300x250_responsive_DFP&sz=300x250&t=Placement_type%3Dserving&1660561334006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2614
x-amz-server-side-encryption
AES256
x-amz-request-id
TVF7RG792QAVQG2J
x-amz-id-2
Sa7zQc+7lNe7PDjLyrJqJF+9hSqYqI/QCk7CiAO/0GaOgRmSRmsJjzFhr/u0s4ljezxmHfR5Cos=
last-modified
Wed, 27 Jul 2022 15:06:46 GMT
server
cloudflare
etag
W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
73b9841768429152-FRA
usync.js
eus.rubiconproject.com/ Frame 4BAB
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-9-160.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 10:34:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55057
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Wed, 17 Aug 2022 01:51:47 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4BAB
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
v1
lb.eu-1-id5-sync.com/lb/ Frame D86D
33 B
338 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pubads.g.doubleclick.net
date
Tue, 16 Aug 2022 10:34:09 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4BAB
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
481.json
id5-sync.com/g/v2/ Frame D86D
1 KB
2 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
db06041dea008e6b66eeaca634b1cf6564a92d545429e58c57eb7dda69887bcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pubads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Aug 2022 10:34:09 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://pubads.g.doubleclick.net
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
integrator.js
adservice.google.de/adsid/ Frame D86D
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pubads.g.doubleclick.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D86D
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pubads.g.doubleclick.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D86D
768 B
855 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=90169699551439&correlator=1047561848925504&eid=31068458%2C31068926%2C44764001&output=ldjh&gdfp_req=1&vrg=2022081101&ptt=17&impl=fifs&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&iu_parts=147246189%3A22676409927%2Cittutorial.org_300x250_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C300x200&ifi=1&adks=2727761863&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie_enabled=1&cdm=pubads.g.doubleclick.net&abxe=1&dt=1660646050646&lmt=1660646050&dlt=1660646050029&idt=518&adxs=8&adys=83&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=3ygq47ebcwrg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&top=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fadx%3Fiu%3D%2F147246189%2C22676409927%2Fittutorial.org_300x250_responsive_DFP%26sz%3D300x250%26t%3DPlacement_type%253Dserving%261660561334006&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1678920322.1660646051&ga_sid=1660646051&ga_hid=544878410&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
fd84be852a40b634df82b92f88caf6c7c54e99f7b8bc6cd23d913416186e52b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
472
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pubads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D86D
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d40153f0a7279f4048116e6d26c9dffa6e1cb2e0df3c13217c8aa4e228b66024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Aug 2022 10:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11094
x-xss-protection
0
container.html
8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43AB
6 KB
4 KB
Document
General
Full URL
https://8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 10:34:10 GMT
expires
Wed, 16 Aug 2023 10:34:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D86D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 10:34:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7FE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 09:31:01 GMT
expires
Wed, 16 Aug 2023 09:31:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED48
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
18c3e3025309509cf3d55caf80fb178a4801f855845fc3a2e458961e52646fe8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h3LIlqQeBi67zYZsJYrYyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-h3LIlqQeBi67zYZsJYrYyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 10:34:11 GMT
expires
Tue, 16 Aug 2022 10:34:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
pagead2.googlesyndication.com/bg/ Frame D7FE
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
3555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13955
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 09:34:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ED48
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081101&jk=90169699551439&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D7FE
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7QV5Nw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D86D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081101&jk=90169699551439&bg=!BgWlBUHNAAa4hXTbmIU7ACkAdvg8WkjcTjgG02_bhtSqQib0cL2Z4C-hAhAjOBhCyOFSzJtnqC2D6AIAAABLUgAAAAJoAQeZAvr8nEPByVGaEswAIwnQaFYhkS5SmvKi5m5LlNRbm6fXBwKuBB0NJ1RkMEF38BXPVMbtjkgXpmVz8vJTVaeYrkyG4bw3ZaXdY2ZArSQ4XYyOQFObQ3REGrkNHPuFP9MqMXTuI6sHWBDzFVsGpF5pjdeJIS_krX41MUToAhIWLLs9zi3eiSutAoGihCzt57RFqDlkMY3-S3erN0CrDqFPA3FUc0QBcQpLdqTlJC4_jmDudll9d1dzPdqDdC7-feGc8-PBBWD7XM8A953Wab_pNXgg6XiHnZfS04y9xJlrQmKTq7Ku37kRkG9ZRG_aSiAKjGXDnN0jV5p6CAIxnBccS6-H9ksbjhW9UAkYr0N2yG-PdxDxUyeFApX0UzMbGib2ULZvPYNCWlcD3QVOpLaPFFfVbsiJBK7f1aw1CbZm8yfq0b3Lw7UHb9nwdWf6v4LswtecPleY3mTQ8LZMeh-rRkLn-175KIwvJqbND1ynhU9nQgO9StU2KCoOmUyETgngE2EnlQaKTEdxxEIlttS1Ht8uY4GCtMIHRPwNQdRbYPjfxi_IINFDL_DXuqWvUcYpsxdemLB451e9fw6J4V9I39Lbkopv5NIDlo4peuFhPD53Di-AZMRtKd0Bd8O11cfUoJ3GXl1D0xHLR_nfQahIM2BoNgzYswT1ro48fZc6oq8gJNTWv1qv5hsfL97QM0zLh0SjwxBia6QjSBjgqs-ZUb03IyuLovV4dX3L_Gkzu3t_VeuLtwZW9BhpqN5OpioBa5B3me9NqXC90xoH8UWaO2w6BdWMuFuICGWKgQx46O9pPi3vrABIE-g5gUBai3vKRq88VTj7QsUt5vK2meeLZkk2LarHUu83QPNA2e83OExHu4Spm0RYjh_vm29DCEVQKWG_j0yx9tM1-Gdi__vXm4FOZOaBpHlQUxj-jLc54fdcbCYxhYEJ9wxn_T_6HgPjxJ0Cov1ma9dXZoG4GWQgfBjY_5X4U8pYJu3tQVKLs0Gty05_jZNpWBLNEi8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

publishertag.prebid.js
static.criteo.net/js/ld/ Frame D86D
87 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:13 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Aug 2022 10:34:13 GMT
syncframe
gum.criteo.com/ Frame E7EE
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pubads.g.doubleclick.net&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 10:34:12 GMT
server-processing-duration-in-ticks
2518
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D86D
87 KB
28 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pubads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 10:34:13 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:23 GMT
server
nginx
etag
W/"62e91dcb-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 17 Aug 2022 10:34:13 GMT
sid
mug.criteo.com/ Frame E7EE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=doubleclick.net&sn=ChromeSyncframe&so=3&topUrl=pubads.g.doubleclick.net&bundle=TXeI9V9kZlU4VTBqRUxkazl6WlJjZUQxdFdXWk5LMUhkNjEwZGNoV05hUCU...
  • https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL0...
438 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL015aTZqY0UvN0plTFJodTMxV2pZWjFvaWN4VUN5dEVIcmRIdlR1VFFBNjdNZGw2SWZEd0ZuY3hPM2V6amN3SGdsdzRsRU11Ni9jREhHMnRWWkdSdTNoTVNmbGRKNGJRdmhLVDZpd1paYXJhUnp4SU5QRmNjbFV2Z0JQNzhTZkdabUtRSzNUZVpmMlAwMloreitZa29xOG9JSzc3cTQrY0hVak5MMjZYNXZLaDRDVHI2cHBXZz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
50ef75de4a78bdea9082784718bbe8acd8d6224e596282922381969b6ace6459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4557
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=eSV2iHw3ZFdJOFpESmVaM2Racy90b291bS9nZG1Hb1ZZb3lMTCt3S3RGK21DUU5uRkZlMGp3L3Z2U3ZrcE1yN0FwWExKS1Z1KzdyTlcxMVlFUEJtODd3K3h2SDFnSDVWckQzQlh2ME9Uamx5RmdxZE5LRFNEVnZkN3dLL015aTZqY0UvN0plTFJodTMxV2pZWjFvaWN4VUN5dEVIcmRIdlR1VFFBNjdNZGw2SWZEd0ZuY3hPM2V6amN3SGdsdzRsRU11Ni9jREhHMnRWWkdSdTNoTVNmbGRKNGJRdmhLVDZpd1paYXJhUnp4SU5QRmNjbFV2Z0JQNzhTZkdabUtRSzNUZVpmMlAwMloreitZa29xOG9JSzc3cTQrY0hVak5MMjZYNXZLaDRDVHI2cHBXZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1537
content-length
567
expires
0
pd
eu-u.openx.net/w/1.0/ Frame 5BFC
3 KB
1011 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
85501392f9fc1f22fb90d1062e9d1ec37e3937b3ba5c6f25fe231b1e411bedfc

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
700
content-type
text/html
date
Tue, 16 Aug 2022 10:34:13 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5963
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201020.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pubads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
21157
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 16 Aug 2022 10:34:13 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 343807
X-Served-By
cache-lga21945-LGA, cache-hhn4075-HHN
X-Timer
S1660646053.451447,VS0,VE0
bounce
ib.adnxs.com/ Frame 5963
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
819 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 10:34:13 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9d8c5b19-6231-4684-be1e-7783b8d0b347
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Aug 2022 10:34:13 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
075ab2fd-03e5-4f8a-91ec-0b0dce30f48e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9f...
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX...
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 16 Aug 2022 10:34:13 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c662fb-72a5-4600-8249-ec111e922625&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 16 Aug 2022 10:34:12 GMT
sd
us-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFc...
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNK...
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&val=l9r29Jba8aOM0KWkkoy9p5WKoaCMi6CgxI3qDdEs
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&val=l9r29Jba8aOM0KWkkoy9p5WKoaCMi6CgxI3qDdEs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMY...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF...
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdl...
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8439135425576173331&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4Ji...
  • https://match.adsrvr.org/track/cmb/openx?oxid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4Ji...
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb...
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ec6fa106-cd16-4d1f-b42e-9f106b0ca811&ttd_puid=300e57ab-e51d-7c1a-caab-5e0cb0541fa5&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
985
pixel
cm.g.doubleclick.net/ Frame 5BFC
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWM2MTg0NjEtMmM2YS0yMmJlLWRmNGItMDRiNTdhYjZkMWM1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5BFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBA...
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2...
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Aug 2022 10:34:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtVzljifipySTIJBPyGsCs&google_cver=1&gdpr=1&gdpr_consent=CPd0npWPd0npWF2ABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| stpdSPI number| stpdSF object| stpdW string| filterSettings string| pb_ittutorial.org_300x250_desktop_1 object| us_ittutorial.org_300x250_desktop_1 object| ADAGIO object| _ADAGIO object| ONFOCUS object| criteo_syncframe_state

22 Cookies

Domain/Path Name / Value
pubads.g.doubleclick.net/ Name: _pbjs_userid_consent_data
Value: 8082702947762165
.doubleclick.net/ Name: _pubcid
Value: e3a268f2-4c9a-43ed-907d-96e4d4732c58
.openx.net/ Name: i
Value: e3a268f2-4c9a-43ed-907d-96e4d4732c58|1660646050
pubads.g.doubleclick.net/ Name: cto_bidid
Value: pleSvF9ucUZtRDJReTVPa2x5d1FoQUJZTmloc1h3MlBHMHFNckxTRktZM1VLTmcwZVh3cTNHTHVzQ3MlMkZidmVvb1p4dnJDOTVRSVNhME5rckgyZkglMkY5UXl6eUElM0QlM0Q
pubads.g.doubleclick.net/ Name: cto_bundle
Value: TXeI9V9kZlU4VTBqRUxkazl6WlJjZUQxdFdXWk5LMUhkNjEwZGNoV05hUCUyRk1qcGdyaFNYV1ByeGpBSlNkRjJhSGg4NzVXZEdvJTJCVSUyQmVrJTJGZXolMkJ5UUo0NTRiWDRaR2NmUUJBOWJFVSUyQkFPRGwlMkZTbVNqTVl6d3JqZk9JTHc0eW91U0dZdHZp
.id5-sync.com/ Name: id5
Value: d9c5e1f4-3e38-4431-bdde-e3128d2efcaa#1660646050576#1
.doubleclick.net/ Name: IDE
Value: AHWqTUlHx7Y75NMRJdn4mIplrtc7Dot_33z6M-rW5q8lkasG3B9wOz73MLPZwOdmqBM
.doubleclick.net/ Name: __gads
Value: ID=64e489258593978a:T=1660646050:S=ALNI_MYA7tqe4NV1ZJHhTvVZaYtD_HMpXg
.criteo.com/ Name: uid
Value: d03b2233-cf0d-4338-8d99-a3a9ff450b76
.doubleclick.net/ Name: cto_bundle
Value: 9GCHOF9kZlU4VTBqRUxkazl6WlJjZUQxdFdmdlc5aVZyRUNvQzR2Y1V6JTJGeWUlMkZjaG01VCUyRlNLRWMlMkZwOElraThSbUk2b1RadERqam45aXdCS0dma2hJbUNBOHA4VXhMOSUyQkZUQUxFSFBQanBEZzFjMkdieWVEMUUlMkJxUGxmbUc4ZUpFdDZIU0l6S0VmdWc2Y0hwUVRORk50d0Nwb0ElM0QlM0Q
.g.doubleclick.net/ Name: cto_bundle
Value: 9GCHOF9kZlU4VTBqRUxkazl6WlJjZUQxdFdmdlc5aVZyRUNvQzR2Y1V6JTJGeWUlMkZjaG01VCUyRlNLRWMlMkZwOElraThSbUk2b1RadERqam45aXdCS0dma2hJbUNBOHA4VXhMOSUyQkZUQUxFSFBQanBEZzFjMkdieWVEMUUlMkJxUGxmbUc4ZUpFdDZIU0l6S0VmdWc2Y0hwUVRORk50d0Nwb0ElM0QlM0Q
.pubads.g.doubleclick.net/ Name: cto_bundle
Value: 9GCHOF9kZlU4VTBqRUxkazl6WlJjZUQxdFdmdlc5aVZyRUNvQzR2Y1V6JTJGeWUlMkZjaG01VCUyRlNLRWMlMkZwOElraThSbUk2b1RadERqam45aXdCS0dma2hJbUNBOHA4VXhMOSUyQkZUQUxFSFBQanBEZzFjMkdieWVEMUUlMkJxUGxmbUc4ZUpFdDZIU0l6S0VmdWc2Y0hwUVRORk50d0Nwb0ElM0QlM0Q
.openx.net/ Name: pd
Value: v2|1660646053|gekin0vNiygu
.adnxs.com/ Name: uuid2
Value: 6526295300255151841
.quantserve.com/ Name: d
Value: EMMBDAHvJoqsMA
.quantserve.com/ Name: mc
Value: 62fb72a5-8523d-14b16-c06ee
.mathtag.com/ Name: uuid
Value: e3c662fb-72a5-4600-8249-ec111e922625
.adsrvr.org/ Name: TDID
Value: ec6fa106-cd16-4d1f-b42e-9f106b0ca811
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiinZuAs9__OhAFOAE.
.adform.net/ Name: uid
Value: 8439135425576173331
.openx.net/ Name: univ_id
Value: 537072971|ec6fa106-cd16-4d1f-b42e-9f106b0ca811|1660646053625786

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8368a22ba7e03a8ee898923a6c720c2c.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.id5-sync.com
cm.adform.net
cm.g.doubleclick.net
eu-u.openx.net
eus.rubiconproject.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
script.4dex.io
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
static.criteo.net
stpd.cloud
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
www.google.com
www.googletagservices.com
141.95.98.66
151.101.129.108
162.19.138.117
172.217.16.194
172.217.23.98
178.250.0.157
178.250.0.165
185.184.8.90
185.29.132.245
23.75.240.210
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700:20::ac43:44a2
2606:4700::6812:1f31
2606:4700::6812:272
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a02:2638:1::3
2a02:2638::1c
3.33.220.150
34.98.64.218
35.244.159.8
37.157.3.28
37.157.3.29
37.157.3.30
37.252.172.250
52.222.209.55
69.173.144.138
69.173.144.165
92.123.21.200
92.123.9.160
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07dc2e48ef051b38cc4841495a54a57efd4b1b8c12f4dd47af04ebf5dc60b5ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
18c3e3025309509cf3d55caf80fb178a4801f855845fc3a2e458961e52646fe8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405a317156b0f4353c5c33b5650701bddbe139d63fea5225a04ef81b901ab767
427b4e0091d5da681d2e38855c52284d864a4e556b2ea972eb2e879bb5cd1bba
48bd457befd1682d1e21bd4327a12799559ecc1308da5413b21ee60d2e6c0dde
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
50ef75de4a78bdea9082784718bbe8acd8d6224e596282922381969b6ace6459
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
80fed5efab484a6e4bb81f61d59751b709971baf2aa7213923e25dfa8d94c3f2
84f67b2966de0f841622921ca23f6c07016c100670bfe1e3bc2194f04124b0a5
85501392f9fc1f22fb90d1062e9d1ec37e3937b3ba5c6f25fe231b1e411bedfc
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
931f137892b381f5e18ef6e830332ac811278727317229b93f538890a4cad642
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d
a3edcc6bffa12dac9481723e91a86f8946bf9ddea5eaa902f5e69ff773d7049d
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
d40153f0a7279f4048116e6d26c9dffa6e1cb2e0df3c13217c8aa4e228b66024
d74a6b17d90c292ebd4909c54569f496a0a2150a875f1790af0427be87b19c98
db06041dea008e6b66eeaca634b1cf6564a92d545429e58c57eb7dda69887bcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
fd84be852a40b634df82b92f88caf6c7c54e99f7b8bc6cd23d913416186e52b5