www.aha-music.com Open in urlscan Pro
2606:4700:3035::ac43:c984 Public Scan

URL:
https://www.aha-music.com/
Submission: On May 03 via manual (May 3rd 2021, 3:56:33 am UTC) from US

Summary HTTP 417 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 106 IPs in 12 countries across 102 domains to perform 417 HTTP transactions. The main IP is 2606:4700:3035::ac43:c984, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.aha-music.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time www.aha-music.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3035::ac43:c984	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	2606:4700:20:... 2606:4700:20::681a:b27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
28	185.229.227.132 185.229.227.132	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
8	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3 18	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
24	185.167.98.14 185.167.98.14	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
5 6	52.58.45.227 52.58.45.227	16509 (AMAZON-02) (AMAZON-02)
1 1	162.55.3.20 162.55.3.20	24940 (HETZNER-AS) (HETZNER-AS)
5 27	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 7	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
4	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
2	3.123.45.128 3.123.45.128	16509 (AMAZON-02) (AMAZON-02)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 11	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1 5	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 5	104.111.237.88 104.111.237.88	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1 1	34.231.105.138 34.231.105.138	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 13	18.158.173.146 18.158.173.146	16509 (AMAZON-02) (AMAZON-02)
2	67.202.110.33 67.202.110.33	32748 (STEADFAST) (STEADFAST)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 10	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
5	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
6 10	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
5	5.178.65.252 5.178.65.252	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	34.192.206.153 34.192.206.153	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
4	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7 9	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
1 1	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	62.209.227.211 62.209.227.211	5588 (GTSCE GTS...) (GTSCE GTS Central Europe / Antel Germany)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	52.40.230.171 52.40.230.171	16509 (AMAZON-02) (AMAZON-02)
5 7	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
4 5	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
13 17	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.24.36.224 52.24.36.224	16509 (AMAZON-02) (AMAZON-02)
1	52.33.73.108 52.33.73.108	16509 (AMAZON-02) (AMAZON-02)
1 6	34.216.128.100 34.216.128.100	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3 3	52.31.176.223 52.31.176.223	16509 (AMAZON-02) (AMAZON-02)
1	50.112.180.98 50.112.180.98	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.4.152.106 52.4.152.106	14618 (AMAZON-AES) (AMAZON-AES)
2	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
5	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
6 6	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	3.215.247.12 3.215.247.12	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
18	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
5 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1 1	154.57.158.51 154.57.158.51	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2a05:d018:24:... 2a05:d018:24:b002:28a5:2c7e:9fea:57ab	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.101 89.163.159.101	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 8	34.251.130.56 34.251.130.56	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.29.225.117 52.29.225.117	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	54.170.10.95 54.170.10.95	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.0.135.151 52.0.135.151	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
2 3	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.74.77.155 54.74.77.155	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.175 208.100.17.175	32748 (STEADFAST) (STEADFAST)
6	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
5 5	35.157.48.14 35.157.48.14	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.49.210 3.121.49.210	16509 (AMAZON-02) (AMAZON-02)
4 7	52.49.40.147 52.49.40.147	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	52.86.150.190 52.86.150.190	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.84.114 65.9.84.114	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:20:... 2606:4700:20::681a:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.158.29.13 51.158.29.13	12876 (Online SAS) (Online SAS)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	52.4.236.19 52.4.236.19	14618 (AMAZON-AES) (AMAZON-AES)
4 4	51.89.21.31 51.89.21.31	16276 (OVH) (OVH)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
417	106

7 2606:4700:3035::ac43:c984 (United States)

ASN13335 (CLOUDFLARENET, US)

www.aha-music.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b27 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.buymeacoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.buymeacoffee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.243.189.2 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bmc-cdn.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1bac27cdc39f9d3861cff4484fb58267.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 185.229.227.132 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.167.98.14 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.45.227 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.3.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.3.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.45.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 62.149.0.72 (Ukraine) 2 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.249.52.248 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.237.88 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.238 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

cdn.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.105.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.158.173.146 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.110.33 (United States)

ASN32748 (STEADFAST, US)

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.220.241 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 76.223.111.131 (United States) 6 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.192.206.153 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.146.39 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.126.56.137 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.200.100 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.211 (Prague, Czech Republic) 1 redirects

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.230.171 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-230-171.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.114.49 (Frankfurt am Main, Germany) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.99.6 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.98 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.36.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-36-224.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.73.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-73-108.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.216.128.100 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-128-100.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.176.223 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.180.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.152.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.135.234 (United Kingdom) 6 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.215.247.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

report.hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

45aeb35e78d1838e6a2d6ac2e73b5233.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0a64875f7344906fd808afdb8aae3a1a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.94.232.32 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.51 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)
PTR: amsadvip2.fwmrm.net

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:28a5:2c7e:9fea:57ab (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Bellagio, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.101 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.251.130.56 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.225.117 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.10.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.135.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.99.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.77.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.175 (United States)

ASN32748 (STEADFAST, US)
PTR: ip175.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.48.14 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.49.210 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.49.40.147 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.150.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.114 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.236.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.31 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: p22.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 1bac27cdc39f9d3861cff4484fb58267.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 45aeb35e78d1838e6a2d6ac2e73b5233.safeframe.googlesyndication.com 0a64875f7344906fd808afdb8aae3a1a.safeframe.googlesyndication.com	275 KB
28	sekindo.com live.sekindo.com	376 KB
28	doubleclick.net 13 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	357 KB
24	primis.tech video.primis.tech	3 MB
23	casalemedia.com 5 redirects ssum-sec.casalemedia.com ssum.casalemedia.com as-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	30 KB
20	openx.net 5 redirects u.openx.net rtb.openx.net us-u.openx.net eu-u.openx.net	5 KB
19	adnxs.com 8 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	14 KB
18	zeotap.com spl.zeotap.com mwzeom.zeotap.com	6 KB
17	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com	82 KB
16	yahoo.com 8 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com pr-bh.ybp.yahoo.com	9 KB
16	adscale.de 1 redirects js.adscale.de ih.adscale.de	17 KB
15	e-planning.net 1 redirects ads.us.e-planning.net u-ams02.e-planning.net sync.e-planning.net s.e-planning.net	19 KB
10	adsrvr.org 6 redirects match.adsrvr.org	4 KB
10	amazon-adsystem.com 4 redirects c.amazon-adsystem.com s.amazon-adsystem.com aax-eu.amazon-adsystem.com	40 KB
9	crwdcntrl.net 4 redirects bcp.crwdcntrl.net tags.crwdcntrl.net sync.crwdcntrl.net	42 KB
9	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	15 KB
8	audrte.com 4 redirects a.audrte.com	9 KB
8	brainlyads.com hb.brainlyads.com report.hb.brainlyads.com	134 KB
8	powerad.ai powerad.ai reporting.powerad.ai	35 KB
7	quantumdex.io sync.quantumdex.io	4 KB
7	bidr.io 4 redirects match.prod.bidr.io	3 KB
7	ampproject.org cdn.ampproject.org	119 KB
7	mathtag.com sync.mathtag.com Failed pixel.mathtag.com	3 KB
7	everesttech.net 5 redirects sync-tm.everesttech.net	2 KB
7	adform.net 5 redirects cm.adform.net track.adform.net dmp.adform.net c1.adform.net	3 KB
7	advertising.com 4 redirects ads.adaptv.advertising.com pixel.advertising.com	2 KB
7	adtarget.com.tr s.console.adtarget.com.tr sync.console.adtarget.com.tr	4 KB
7	jsdelivr.net cdn.jsdelivr.net	680 KB
7	aha-music.com www.aha-music.com	132 KB
6	tapad.com 5 redirects pixel.tapad.com	3 KB
6	adtelligent.com 2 redirects s.adtelligent.com sync.adtelligent.com	3 KB
6	bidswitch.net 5 redirects x.bidswitch.net	2 KB
6	google-analytics.com www.google-analytics.com	21 KB
5	w55c.net 5 redirects pm.w55c.net	4 KB
5	onetag-sys.com onetag-sys.com	3 KB
5	spotxchange.com 2 redirects sync.search.spotxchange.com search.spotxchange.com	5 KB
5	google.com adservice.google.com www.google.com	947 B
4	id5-sync.com 4 redirects id5-sync.com	6 KB
4	indexww.com js-sec.indexww.com	4 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	sonobi.com sync.go.sonobi.com	2 KB
4	1rx.io 2 redirects sync.1rx.io tag.1rx.io	1 KB
4	googletagservices.com www.googletagservices.com	104 KB
4	google.de adservice.google.de www.google.de	1 KB
3	ad4m.at ad4m.at
3	bluekai.com 2 redirects tags.bluekai.com	945 B
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	940 B
3	rlcdn.com 2 redirects idsync.rlcdn.com	866 B
3	quantserve.com 3 redirects pixel.quantserve.com	1 KB
3	33across.com ssc.33across.com ssc-cms.33across.com	1 KB
3	demdex.net 3 redirects dpm.demdex.net	3 KB
3	richaudience.com 1 redirects sync.richaudience.com	743 B
3	cloudflareinsights.com static.cloudflareinsights.com cloudflareinsights.com	5 KB
3	buymeacoffee.com cdnjs.buymeacoffee.com cdn.buymeacoffee.com	8 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	925 B
2	turn.com 2 redirects ad.turn.com d.turn.com	869 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	mookie1.com odr.mookie1.com	430 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	844 B
2	tidaltv.com 2 redirects sync.tidaltv.com	791 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	facebook.com 1 redirects www.facebook.com	275 B
2	facebook.net connect.facebook.net	98 KB
2	dotomi.com 1 redirects prebid-match.dotomi.com casale-match.dotomi.com	290 B
2	sitescout.com 2 redirects pixel.sitescout.com pixel-sync.sitescout.com	587 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	tynt.com ic.tynt.com
2	admatic.com.tr cdn.admatic.com.tr	21 KB
2	creativecdn.com 2 redirects creativecdn.com	721 B
2	stickyadstv.com ads.stickyadstv.com	1 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
1	eyeota.net ps.eyeota.net	1 KB
1	adentifi.com rtb.adentifi.com	88 B
1	cookieless-data.com js.cookieless-data.com	367 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	bttrack.com bttrack.com	380 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	simpli.fi 1 redirects um.simpli.fi	624 B
1	imrworldwide.com obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	38 B
1	agkn.com 1 redirects aa.agkn.com	379 B
1	theadex.com dmp.theadex.com	378 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	596 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	exelator.com loadeu.exelator.com	324 B
1	fwmrm.net 1 redirects dmp.v.fwmrm.net	497 B
1	taboola.com trc.taboola.com	161 B
1	adgrx.com cm.adgrx.com	408 B
1	atdmt.com cx.atdmt.com	823 B
1	criteo.com 1 redirects dis.criteo.com	536 B
1	contextweb.com 1 redirects bh.contextweb.com	423 B
1	aufp.io aufp.io	3 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com	550 B
1	admanmedia.com 1 redirects cs.admanmedia.com	428 B
1	navdmp.com tag.navdmp.com	4 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	490 B
1	trafmag.com t.trafmag.com	232 B
1	advangelists.com 1 redirects nep.advangelists.com	229 B
1	gstatic.com fonts.gstatic.com	15 KB
1	loopme.me 1 redirects csync.loopme.me	244 B
1	googleapis.com fonts.googleapis.com	644 B
1	digitaloceanspaces.com bmc-cdn.nyc3.digitaloceanspaces.com	22 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
417	102

	Domain	Requested by
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.aha-music.com cdn.ampproject.org
28	live.sekindo.com	securepubads.g.doubleclick.net live.sekindo.com www.aha-music.com
24	video.primis.tech	www.aha-music.com live.sekindo.com
17	cm.g.doubleclick.net	13 redirects eu-u.openx.net bcp.crwdcntrl.net
15	mwzeom.zeotap.com	spl.zeotap.com ads.us.e-planning.net
13	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
12	dsum-sec.casalemedia.com	2 redirects ssum.casalemedia.com ssum-sec.casalemedia.com
10	match.adsrvr.org	6 redirects ssum.casalemedia.com eu-u.openx.net bcp.crwdcntrl.net
10	ib.adnxs.com	5 redirects hb.brainlyads.com spl.zeotap.com
10	securepubads.g.doubleclick.net	ajax.cloudflare.com securepubads.g.doubleclick.net www.aha-music.com www.googletagservices.com
9	ups.analytics.yahoo.com	7 redirects
8	eu-u.openx.net	hb.brainlyads.com eu-u.openx.net
8	a.audrte.com	4 redirects ads.us.e-planning.net a.audrte.com s.console.adtarget.com.tr
8	ads.pubmatic.com	live.sekindo.com ads.pubmatic.com s.console.adtarget.com.tr ads.us.e-planning.net
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	sync.quantumdex.io	ads.us.e-planning.net sync.quantumdex.io ssum-sec.casalemedia.com
7	match.prod.bidr.io	4 redirects eu-u.openx.net ssum-sec.casalemedia.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net
7	sync-tm.everesttech.net	5 redirects ssum-sec.casalemedia.com
7	secure.adnxs.com	3 redirects acdn.adnxs.com ssum-sec.casalemedia.com
7	cdn.jsdelivr.net	www.aha-music.com cdn.jsdelivr.net
7	www.aha-music.com	www.aha-music.com cdn.jsdelivr.net
6	pr-bh.ybp.yahoo.com	eu-u.openx.net ssum-sec.casalemedia.com
6	pixel.tapad.com	5 redirects ads.us.e-planning.net
6	us-u.openx.net	1 redirects eu-u.openx.net
6	s.amazon-adsystem.com	3 redirects ssum.casalemedia.com ssum-sec.casalemedia.com
6	ids.ad.gt	1 redirects
6	sync.mathtag.com
6	sync.console.adtarget.com.tr	s.console.adtarget.com.tr s.adtelligent.com js.adscale.de ads.us.e-planning.net
6	hbopenbid.pubmatic.com	live.sekindo.com
6	reporting.powerad.ai	powerad.ai
6	ssum-sec.casalemedia.com	2 redirects ssum.casalemedia.com js-sec.indexww.com sync.quantumdex.io
6	x.bidswitch.net	5 redirects www.aha-music.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	pm.w55c.net	5 redirects
5	onetag-sys.com	hb.brainlyads.com sync.quantumdex.io
5	pixel.advertising.com	4 redirects
5	s.e-planning.net	ads.us.e-planning.net
5	u-ams02.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com
5	sync.adtelligent.com	2 redirects s.adtelligent.com
4	id5-sync.com	4 redirects
4	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
4	js-sec.indexww.com	hb.brainlyads.com ssum-sec.casalemedia.com
4	bcp.crwdcntrl.net	3 redirects tags.crwdcntrl.net
4	report.hb.brainlyads.com	hb.brainlyads.com
4	sync.go.sonobi.com	ads.us.e-planning.net sync.quantumdex.io
4	hb.brainlyads.com	powerad.ai www.aha-music.com
4	u.openx.net	2 redirects hb.brainlyads.com
4	www.googletagservices.com	securepubads.g.doubleclick.net hb.brainlyads.com
3	ad4m.at	ssum-sec.casalemedia.com
3	tags.bluekai.com	2 redirects bcp.crwdcntrl.net
3	idsync.rlcdn.com	2 redirects ssum.casalemedia.com
3	pixel.quantserve.com	3 redirects
3	spl.zeotap.com	ads.us.e-planning.net spl.zeotap.com
3	dpm.demdex.net	3 redirects
3	sync.richaudience.com	1 redirects ads.us.e-planning.net spl.zeotap.com
3	sync.e-planning.net	ads.us.e-planning.net sync.quantumdex.io
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	search.spotxchange.com	live.sekindo.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
2	ads.betweendigital.com	2 redirects
2	c1.adform.net	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	acdn.adnxs.com	hb.brainlyads.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.us.e-planning.net
2	beacon.krxd.net	spl.zeotap.com ads.us.e-planning.net
2	odr.mookie1.com	spl.zeotap.com eu-u.openx.net
2	idsync.frontend.weborama.fr	2 redirects
2	sync.tidaltv.com	2 redirects
2	dmp.adform.net	1 redirects spl.zeotap.com
2	tracking.m6r.eu	2 redirects
2	track.adform.net	2 redirects
2	as-sec.casalemedia.com	hb.brainlyads.com
2	tag.1rx.io	hb.brainlyads.com
2	ssc.33across.com	hb.brainlyads.com
2	www.facebook.com	1 redirects
2	connect.facebook.net	p.ad.gt connect.facebook.net
2	ssum.casalemedia.com	1 redirects ads.us.e-planning.net
2	eus.rubiconproject.com	ads.us.e-planning.net eus.rubiconproject.com
2	sync.1rx.io	2 redirects
2	rtb.openx.net	2 redirects
2	ap.lijit.com	2 redirects
2	ic.tynt.com	s.adtelligent.com sync.quantumdex.io
2	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
2	cdn.admatic.com.tr	s.console.adtarget.com.tr cdn.admatic.com.tr
2	ads.us.e-planning.net	1 redirects s.console.adtarget.com.tr
2	creativecdn.com	2 redirects
2	ads.stickyadstv.com	live.sekindo.com
2	ads.adaptv.advertising.com	live.sekindo.com
2	sync.search.spotxchange.com	2 redirects
2	c.amazon-adsystem.com	live.sekindo.com c.amazon-adsystem.com
2	www.google.com	www.aha-music.com
2	powerad.ai	www.googletagmanager.com powerad.ai
2	cloudflareinsights.com	static.cloudflareinsights.com
2	www.googletagmanager.com	www.aha-music.com powerad.ai
2	cdn.buymeacoffee.com	www.aha-music.com
1	ps.eyeota.net	s.console.adtarget.com.tr
1	d.turn.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	js.cookieless-data.com	s.e-planning.net
1	tags.crwdcntrl.net	s.e-planning.net
1	sync.extend.tv	1 redirects
1	bttrack.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	sync.adotmob.com	1 redirects
1	um.simpli.fi	1 redirects
1	ssc-cms.33across.com	hb.brainlyads.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	1 redirects
1	trc.taboola.com	spl.zeotap.com
1	pixel-sync.sitescout.com	1 redirects
1	cm.adgrx.com	ssum.casalemedia.com
1	cx.atdmt.com
1	0a64875f7344906fd808afdb8aae3a1a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	45aeb35e78d1838e6a2d6ac2e73b5233.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	dis.criteo.com	1 redirects
1	pixels.ad.gt	p.ad.gt
1	bh.contextweb.com	1 redirects
1	image2.pubmatic.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	a.ad.gt	www.aha-music.com
1	bbnaut.ibillboard.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	prebid-match.dotomi.com	ads.us.e-planning.net
1	tag.navdmp.com	ads.us.e-planning.net
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.sitescout.com	1 redirects
1	t.trafmag.com	s.adtelligent.com
1	nep.advangelists.com	1 redirects
1	cm.adform.net	s.console.adtarget.com.tr
1	s.adtelligent.com	s.console.adtarget.com.tr
1	fonts.gstatic.com	fonts.googleapis.com
1	csync.loopme.me	1 redirects
1	s.console.adtarget.com.tr	live.sekindo.com
1	fonts.googleapis.com	live.sekindo.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	1bac27cdc39f9d3861cff4484fb58267.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bmc-cdn.nyc3.digitaloceanspaces.com	www.aha-music.com
1	static.cloudflareinsights.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.aha-music.com
1	cdnjs.buymeacoffee.com	www.aha-music.com
417	156

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
microsoftedge.microsoft.com
www.notion.so
changelogfy.com
www.buymeacoffee.com
www.acrcloud.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-03-26`	a year	crt.sh
buymeacoffee.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-22` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2020-10-12` - `2021-10-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2021-04-06` - `2021-11-28`	8 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh
sync.console.adtarget.com.tr R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
cat.adscale.de DigiCert SHA2 Secure Server CA	`2020-10-23` - `2021-11-21`	a year	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh
cdn.admatic.com.tr R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
*.adscale.de Amazon	`2020-06-05` - `2021-07-07`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
sync.adtelligent.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.e-planning.net R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.ad.gt Amazon	`2020-07-07` - `2021-08-07`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
report.hb.brainlyads.com R3	`2021-04-30` - `2021-07-29`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-03-26` - `2021-06-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
*.redinuid.imrworldwide.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
js.cookieless-data.com R3	`2021-03-07` - `2021-06-05`	3 months	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.eyeota.net R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://www.aha-music.com/
Frame ID: 90392ADB7EE40CD378644B660BF518B5
Requests: 109 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdnlX1TB7pMAYmgHKm-wY86KFANP4-MlLvVnqG9e7gjsFyJWs_pcB9kRfx_37aiUh9kVAtLUJMGzrWsjnCA9L8K8Ln_2hytQbwVBewp__aKg3uXysKJWzQIkGmVDrg3Zm2NyMeqihPUUa0t-GSLTcQSkhO4wLUb4Aw9fIJNaAgbgqyWm-FnOaI9A0DG4kb0NqmCHNlMHHpHRoQX0ZKQdF9sXUKs2hfSWIOeV-LY67s2ESf0zsL4zW4SaljU_hQ6J0QRz1I1fjjes0zt_g--T394DN03rGoSJCgsNjFicldNMCIqtHGvEFMwBo79eM&sai=AMfl-YRQ7Vq17S8uKDZx5e7OXYOdTH-3hG-N_AQHMVRmDE0XYxZIqi7goZrzMa7oKcTrTLZnHZO2m5CNzNHgTav6kX4sJ0mHL0EA6qarCMfpZeb-ySpV1U2wQFq1AYBS2dM&sig=Cg0ArKJSzN2kgPEAtQGpEAE&urlfix=1&adurl=
Frame ID: 03F549C1ED25DC251C2EB219C1EFD22D
Requests: 40 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: EABCC9B1E8EB24B25A244BAE633B4078
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 98AF6F287F0DA5D339F9A83E7EB02DA2
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=94&advUuid=7f670fd6-abc3-11eb-93d9-14f0ef8b0206
Frame ID: 011A5CB5F410D73687D0FCDB284221B3
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=98&advUuid=a2517148-c62d-467f-85fa-be62e2287e12
Frame ID: 2CF2F4117B5BC6ADEF5DF0165928193A
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 8463A4A340AB87BBA77B39FD3693C21A
Requests: 3 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 0E1FD19B4522B2370900DB442581749C
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3A30D5A3983A979960D4346F1E11B080
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 62BCA08420F0BA301DED78DDB9C8800A
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=laq0V7zUOx0jE7jTM9b6&pi=admatic&tc=1
Frame ID: 3610A45D827EAD064D7A2BCBD9870CAA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: D257D89A741740660A6CC5B68B6B0F83
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: D007C4597664C49ADA50CA1635A7501F
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: A9FAF9AA21DA95B35AA017351A256A79
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: BB3735978B88D3A335AA8E63B8A557D3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 80486EADFE5976620393AE9C4E583686
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0C58D1709EA2839A22B4AA75A216A558
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 84CB99EEED5F07A5043E49FF064B64BC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 0D2B75B71AC03F1191575C7367D0F0A4
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7082973f7bb48dba%26uid%3D
Frame ID: 8E74C603B6284F16984D1582B7FC25E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D8D92964C26952972F3C73717700B673
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 139FF1656C749E9464B3BE65E66E46F2
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0064731E96A197C5D2A20CAB4B201301
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5C49569401A90EB5D85B19D6AEE61C3E
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/4231/?ver=1.0&pageId=1825894901&sizes=[[728,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.aha-music.com/%22],[%22referrer%22,%22%22]]
Frame ID: 4B88454BF0696B554D51B24ADABE6341
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/4228/?ver=1.0&pageId=1825894901&sizes=[[970,250],[728,90],[728,250],[970,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.aha-music.com/%22]]
Frame ID: AC00D87C4A188EF7216D442D182AD382
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 5F1422E60222932DA2B86578BA7C9783
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B1676570F69D963FCCE29F85E14867D1
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Frame ID: 5A3EA3CD77F9B0EF8B9873D0CB3F0DD7
Requests: 37 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Frame ID: 68A5ADE482D97043F4397C05FE7486A1
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&cmp=0
Frame ID: E569692D3708474A0441D6ECF808B495
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 47BD2F5A39ECB419EC9182389D5B8F2F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B316B4C287ED93C35ACEE84266467575
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E33C7563E23EF31E23B87E4A54B8AEDC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5905BEB7473A1D6431CB0CCFD7894BA3
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1620014172978
Frame ID: DC3A44348A20C6633986704D3A5EACCE
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Frame ID: BCFA990780D2EF363970D170E395C804
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bL3J6uJbar64kIaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined&gdpr=1
Frame ID: 18DA384254FD2E846E96209C68A2606F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 725B1340B5A953FDD295B63A85AA76E6
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Frame ID: A0EE2391FC2743BB796D857FC163896F
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1620014172978
Frame ID: C7ABBC01B963BEFA14A4E9C4AB3C9030
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 906A6EFA5EEAF2786A1C3E3F9696C951
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2E8BB43DB34C0B85A1887CFC84D49B28
Requests: 10 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BF0549250484E50FCD8609A8E7B3050F
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: FFF13A699A9E951FC3155C5AD7C5A1A5
Requests: 8 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AKHFD1bpbbEG7YeS
Frame ID: DEB86B6DEF8492A176EB2D150CF7B837
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: EC929EC2114CBE8CEDDDF2D91659FAB6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 321683EC3A31AD77D3DB9035DBDA770C
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1BC6B843EE6014E97AE41601B48EA97F
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 5336D07188821809126A1ABDF2FF7097
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: E034034CD8127BA5BF9D456AFB2391CE
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

417
Requests

98 %
HTTPS

28 %
IPv6

102
Domains

156
Subdomains

106
IPs

12
Countries

5648 kB
Transfer

11175 kB
Size

2
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/aha-music-music-identifie/dpacanjfikmhoddligfbehkpomnbgblf
Title: Chrome Extension

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/ejfccgmelcclnoadalcepdmnpgcnglfc
Title: Edge Addon

Search URL Search Domain Scan URL

URL: https://www.notion.so/astonysh/How-to-scan-files-on-the-browser-8b7201e463af45f087e791bedc0fba89
Title: Scan Files

Search URL Search Domain Scan URL

URL: https://changelogfy.com/aha-music/announcements
Title: Changelog

Search URL Search Domain Scan URL

URL: https://www.buymeacoffee.com/AHAMusic
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.acrcloud.com/?utm_source=ahamusic&utm_medium=web

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=7f67102d-abc3-11eb-93d9-14f0ef8b0206 HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=94&advUuid=7f670fd6-abc3-11eb-93d9-14f0ef8b0206

Request Chain 57

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=98&advUuid=a2517148-c62d-467f-85fa-be62e2287e12

Request Chain 77

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=93&advUuid=2778b9f3-44ee-4244-900c-29f93503f347

Request Chain 78

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D99%26advUuid%3D&C=1 HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=99&advUuid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Request Chain 79

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D608f745ab3d80%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=105&advUuid=7523185923035086846

Request Chain 96

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=laq0V7zUOx0jE7jTM9b6&pi=admatic&tc=1

Request Chain 97

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Request Chain 102

https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-b23f9d7b-4e22-45a3-909c-0b5c805b8617

Request Chain 108

https://ih.adscale.de/uu?cbfn=receive&t=1620014171 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1620014171&nut&uu=055412cfcf384058808ab07f1c1e5023

Request Chain 111

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=aed4ba2c45aeb3da

Request Chain 112

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=83bff1cb08c00d6dda4fa9f2

Request Chain 113

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a

Request Chain 114

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7523185923035086846

Request Chain 115

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=aed4ba2c45aeb3da

Request Chain 117

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7082973f7bb48dba HTTP 302
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7082973f7bb48dba

Request Chain 118

https://sync.1rx.io/usersync2/eplanning HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4558667635 HTTP 302
https://sync.1rx.io/usersync/tradedesk/bda644ec-55de-48a5-af09-ed9088c1d433 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
https://sync.e-planning.net/um?uid=RX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003&dc=1079cc634ca638f8&iss=1

Request Chain 122

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7082973f7bb48dba%26uid%3D%24%7BUID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7082973f7bb48dba&uid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a

Request Chain 126

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D7082973f7bb48dba HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

Request Chain 127

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7082973f7bb48dba%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7082973f7bb48dba&uid=7523185923035086846

Request Chain 129

https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-.Slqo6RE2uHT5gfct7f61n_YOvTzCTf6iakX2oM-~A

Request Chain 130

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D7082973f7bb48dba%26uid%3D%7B%24UID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7082973f7bb48dba&uid=61c065ec1696f79439e719708577bce141ab5263

Request Chain 132

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 141

https://bbnaut.ibillboard.com/match/AdScale?partneruid=055412cfcf384058808ab07f1c1e5023&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=101&tpuid=BBID-01-02947281723574814-16277688

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YI90XAAAqRtpTQAC HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YI90XAAAqRtpTQAC&_origin=0&gdpr=1&gdpr_consent=&_test=YI90XAAAqRtpTQAC

Request Chain 152

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&_origin=1&gdpr=1&gdpr_consent=

Request Chain 153

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP801e8c37-abc3-11eb-b769-06bc59bb0262 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP801e8c37-abc3-11eb-b769-06bc59bb0262&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4MDFlOGMzNy1hYmMzLTExZWItYjc2OS0wNmJjNTliYjAyNjI%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1&apid=UP82080cbb-abc3-11eb-ba37-02c2cb9988ce

Request Chain 154

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4a9d58ab1ef01ccb5fb1ff2858b5b682&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g099_6957907887796705968 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGE5ZDU4YWIxZWYwMWNjYjVmYjFmZjI4NThiNWI2ODI=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEM9xU6-jM_tRruGpS4Fl2J4&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=151d6354-3b2b-49af-ba2f-8433b24bcf2e HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/4a9d58ab1ef01ccb5fb1ff2858b5b682&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-tpFTSOVE2oPQrSq88GQxPL9SD7MJyH6aiAn8Lmlu~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5545279270872244402 HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4a9d58ab1ef01ccb5fb1ff2858b5b682&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&717=y-tpFTSOVE2oPQrSq88GQxPL9SD7MJyH6aiAn8Lmlu%7EA&951=5545279270872244402&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g051_6957907887797081477 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGE5ZDU4YWIxZWYwMWNjYjVmYjFmZjI4NThiNWI2ODI=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=NGE5ZDU4YWIxZWYwMWNjYjVmYjFmZjI4NThiNWI2ODI=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMsKqU8w_byES6pCmOc4kkk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=bda644ec-55de-48a5-af09-ed9088c1d433 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D

Request Chain 157

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=33addb77-b222-4bc3-9986-23257a6b75db&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=33addb77-b222-4bc3-9986-23257a6b75db&adnxs_id=7523185923035086846

Request Chain 158

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&id=33addb77-b222-4bc3-9986-23257a6b75db

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://ids.ad.gt/api/v1/g_match?id=33addb77-b222-4bc3-9986-23257a6b75db&google_gid=CAESEGmij0xmMF1uRWmPfFxLFjI&google_cver=1&google_ula=450542624,0

Request Chain 161

https://ids.ad.gt/api/v1/g_hosted?id=33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzNhZGRiNzctYjIyMi00YmMzLTk5ODYtMjMyNTdhNmI3NWRi

Request Chain 162

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=ZwrrWNGBiZi4&ev=1&pid=562316&id=33addb77-b222-4bc3-9986-23257a6b75db

Request Chain 164

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=33addb77-b222-4bc3-9986-23257a6b75db&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=33addb77-b222-4bc3-9986-23257a6b75db&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D33addb77-b222-4bc3-9986-23257a6b75db HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=63146526281464078622612015753529730534&id=33addb77-b222-4bc3-9986-23257a6b75db

Request Chain 165

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=a2373cb4be0688dfb4f4f3b7487f1642396c0b48a75bb2c0a15c5afbd84352bf&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YI90Wh8GCBehdDZLsvjnwQAA%261146&gdpr=0

Request Chain 193

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=5f0464327a6aafe6824f4de0f85b2f8a4ab8d5bd454e52b0aca02b1e803179d6&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=

Request Chain 194

https://track.adform.net/serving/cookie/match/?party=9&uid=6e64dcb8c7552d83883b3fff3f9b6d40168154376fd02c861f82aac7632c5681&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=6e64dcb8c7552d83883b3fff3f9b6d40168154376fd02c861f82aac7632c5681&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=42&gdpr=0&tpuid=5924006585161571960

Request Chain 195

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=ef0d5b9e25c1c8d75f42c521b7408319650d99418de7f01efc180c8b100d2212&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=2b81220b-957b-440e-a837-5cc77f603144

Request Chain 196

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=6737b38577f78b0fb5ccd652b843f3b9f8980bbf1b0d4985b8b829f1017fccd1&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=3f76812dc55bc5eff5b22e3dc4ff766f83f20795dce5e41a597e152ab2fd9507&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?uid=3f76812dc55bc5eff5b22e3dc4ff766f83f20795dce5e41a597e152ab2fd9507&tpid=38&gdpr=0&tpuid=CAESEPw9PV-yhTysAo2-uMU7hn4&google_cver=1

Request Chain 198

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=47d0945bcdfd7f08c008bbcedb0554082cc1812e779fa9686972635fc133f954&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=47d0945bcdfd7f08c008bbcedb0554082cc1812e779fa9686972635fc133f954&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/js?tpid=48&tpuid=f49301ff7ae0434e90197a381ecbc0c4

Request Chain 215

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fwww.aha-music.com%2F&rl=&if=false&ts=1620014174344&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AHA%20Music%20-%20Song%20Finder%20for%20Browser%20%7C%20What%20song%20is%20this%3F%3F%22%2C%22meta%3Adescription%22%3A%22What%20song%20is%20this%3F%20Song%20identifier%20tells%20you.%22%2C%22meta%3Akeywords%22%3A%22shazam%2C%20shazam%20online%2C%20what%20is%20this%20song%2C%20What%20song%20is%20this%2C%20what%27s%20this%20song%2C%20song%20finder%2C%20find%20song%2C%20song%20name%2C%20name%20of%20the%20song%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620014172841.39959802&it=1620014172802&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=6440010347292210746&f=AYyqnilz9XcOPEGTpmgx1jYYfbd1AJGZE1Uo4Zgd51RoBWU0PmdRhB69eb9AuoEYFs6lJTiEWnVKDh9Z024cHMBs&id=1853083501571805&l=3&v=0

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKkS8lLdBk9UscF9mOmm8xs&google_cver=1

Request Chain 247

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t

Request Chain 249

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI90Wh8GCBehdDZLsvjnwQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1

Request Chain 250

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Vmh3dVdsenZNYXkqVjtidVBqdndNbn1yWGywN1Da

Request Chain 251

https://idsync.rlcdn.com/461886.gif?partner_uid=YI90Wh8GCBehdDZLsvjnwQAA%261146 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CL6YHBIpCiUIARDY9gEaHVlJOTBXaDhHQ0JlaGREWkxzdmpud1FBQSYxMTQ2EAAaDQjh6L2EBhIFCOgHEABCAEoA HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a9e67402-a477-0fa2-0d5d-184787164ac0

Request Chain 253

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622606177

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEC44D60vXrj7wOV5c9-Odds&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 257

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=78838e74-9b55-43a2-9963-e7bd60d74cb8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 259

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=bda644ec-55de-48a5-af09-ed9088c1d433&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 261

https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=g051_6957907887797081477&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}

Request Chain 263

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=ed926a03-cb51-42da-a2ae-a19d58927192&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 264

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b6dcff71-b4a3-4946-7009-eb43aa0596fa&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=63146526281464078622612015753529730534&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 266

https://bn01.er.bemail.it/zeotap.php?_bid=b6dcff71-b4a3-4946-7009-eb43aa0596fa&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021050305-84429-0.106064001620014176-47dc50a6d54045f493e9fcfb52ad5d0a&zdid=533&env=mWeb

Request Chain 267

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6957907896395102350&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 268

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b6dcff71-b4a3-4946-7009-eb43aa0596fa HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b6dcff71-b4a3-4946-7009-eb43aa0596fa

Request Chain 269

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b6dcff71-b4a3-4946-7009-eb43aa0596fa&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b6dcff71-b4a3-4946-7009-eb43aa0596fa&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361&bounce=1&random=3598144104 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=0fmTRPoHkqwNBgRJF/hdL.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 271

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b6dcff71-b4a3-4946-7009-eb43aa0596fa?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=b6dcff71-b4a3-4946-7009-eb43aa0596fa?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=45d6955b33e7146e22004a3e2c7378c8&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 272

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-G.i785tE2oqP4knPWPz3ptOYVGeawPrgeg--~A&zpartnerid=570&env=mWeb

Request Chain 273

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhlvqfcCoiH29oB0ni55nkdsh%2BS41iYitP1U%3D

Request Chain 277

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361&_test=YI90XwAAqTiNKQAC HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YI90XwAAqTiNKQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&_test=YI90XwAAqTiNKQAC

Request Chain 278

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=d147608f-745d-4900-9a98-2c16c7c6709f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 279

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Request Chain 280

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&dcc=t

Request Chain 281

https://tags.bluekai.com/site/87734?id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

Request Chain 314

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5

Request Chain 315

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7dc29d92-0f50-46de-acda-f6a387832a3d HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7dc29d92-0f50-46de-acda-f6a387832a3d HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d017d882-9d82-4a68-9e1e-ae95c999ef38&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ab44c01f-ec58-4846-83cf-8c234d25a1f1

Request Chain 316

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcmowN0JIdWtBQUNzSVNRRk5pZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 317

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f

Request Chain 318

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl

Request Chain 319

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1

Request Chain 324

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5

Request Chain 325

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ab44c01f-ec58-4846-83cf-8c234d25a1f1&ssp=openx&gdpr=&gdpr_consent=

Request Chain 326

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcmtFN0JIdWtBQUNzSVNRRk5pZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 327

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f

Request Chain 328

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl

Request Chain 329

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960

Request Chain 332

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1

Request Chain 340

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Request Chain 342

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t

Request Chain 343

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=39C2288EF39B471880AC08E082429A8D&gdpr=1

Request Chain 344

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=062f220402b4dcff72172ea0&expiration=[EXPIRATION]&gdpr=1

Request Chain 348

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3842072525091506581

Request Chain 352

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=44b0ad74-a602-4d94-83e0-2553da1dd05f

Request Chain 353

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI90Wh8GCBehdDZLsvjnwQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1

Request Chain 365

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5545279270872244402

Request Chain 366

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5545279270872244402

Request Chain 367

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=d7997f9a-586a-527b-ab01-3e8fcb8e4aeb

Request Chain 368

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-yQGCHrVE2uH2O_fIpmuAs21GGYbylJ.69gj194s-~A

Request Chain 369

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5545279270872244402

Request Chain 376

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Request Chain 377

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=1&gdpr_consent=

Request Chain 378

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1620100579&gdpr=1

Request Chain 379

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=GIvVYcFQ1LDpGV5&gdpr=1

Request Chain 380

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t

Request Chain 409

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YI90XwAAqTiNKQAC

Request Chain 410

https://id5-sync.com/s/19/9.gif?puid=45d6955b33e7146e22004a3e2c7378c8&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=45d6955b33e7146e22004a3e2c7378c8&gdpr=1&gdpr_consent= HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/8/2.gif?puid=3842072525091506581&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=83dc0f552270cc693e1c904f2e54cc42&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDVkNjk1NWIzM2U3MTQ2ZTIyMDA0YTNlMmM3Mzc4Yzg&google_redir={xENCODEDURL}&id5id=ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q

Request Chain 411

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d147608f-745d-4900-9a98-2c16c7c6709f

Request Chain 412

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=45d6955b33e7146e22004a3e2c7378c8&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=78838e74-9b55-43a2-9963-e7bd60d74cb8

Request Chain 413

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=5924006585161571960 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESELH5XmY5n170qfo1nueQVdw&google_cver=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=34bmLnTslQNTcCRZ7gRCF9-yw&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 414

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent=&google_gid=CAESELH5XmY5n170qfo1nueQVdw&google_cver=1 HTTP 302
https://a.audrte.com/p

417 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.aha-music.com/ 493 KB
97 KB 565ms
539ms Document
text/html 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823ce21e3164880b6c199d5f35f6de79c7fed73389beac691161f129ab86cd8d

Request headers

:method: GET
:authority: www.aha-music.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168; expires=Wed, 02-Jun-21 03:56:08 GMT; path=/; domain=.aha-music.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 09d1f793520000176ee39b5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c153cZcUpcL%2BgfyN5hK9FUUTV%2FLZ47vTU8551K7mjfLkpEFkywo3JRonjwyRTHkKHjp33CrxlCymEBDNItRawBpNtUkxJVkxWQvbLtMO48ST4Iav57fdUDaCV2s0XA%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64968ecbba26176e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f5f5dd5a49dcbbe006ca.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 2 KB
2 KB 24ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/f5f5dd5a49dcbbe006ca.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd6338fdd554e89b0a8fcaaa5b4650c5f82445e7a8f1339c183d0b7f1c5e7cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 35914
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1293
etag: W/"9e8-xwFuJOD+uzX8rsPyZnPPzbSmPVQ"
x-served-by: cache-fra19174-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 816687bab075811eb1fc.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 171 KB
57 KB 29ms
11ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/816687bab075811eb1fc.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e579bc20c9ff1d66993932671e73445eb4a8a81221603735e9d4b3d827e90059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31608
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 58613
etag: W/"2aca3-znXO6q/nmFHMXDEukSG8Cts8JdU"
x-served-by: cache-fra19166-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3b80415bb487c5dfbc1a.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 2 MB
535 KB 36ms
18ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/3b80415bb487c5dfbc1a.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

05b2fb81070dc918ce1521a6f176bb23e44d395b38bf5b3a8e85b520272cdc40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13321
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 547086
etag: W/"214e4d-5Gild/+SlW5nV1YKh+gkOIPE7qU"
x-served-by: cache-fra19160-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 7e22862da118ebc6f002.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 52 KB
16 KB 29ms
12ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/7e22862da118ebc6f002.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6073d8576314e4d9ceb122954e2a5e5a85ad71301323ce6ccf4c8e5a837f162b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 10950
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 16787
etag: W/"d0cc-Aztm4WXBnxLgYdNe6VDE1v7jVkk"
x-served-by: cache-fra19140-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 90ca4119fc816903f383.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 95 KB
57 KB 23ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/90ca4119fc816903f383.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8c5f84a43b4e58ff6b38e976c430a3a4122554b1ab56c32f91ed69be1c4b2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 22552
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 57784
etag: W/"17b89-Qz8MOlZkGJyypiiQsGvIWiJvKCI"
x-served-by: cache-fra19140-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 Wy5DViHqK8k66IcsaBGsxVs3vvQ.js Show response
www.aha-music.com/cdn-cgi/apps/head/ 5 KB
2 KB 24ms
13ms Script
application/javascript 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aha-music.com/cdn-cgi/apps/head/Wy5DViHqK8k66IcsaBGsxVs3vvQ.js
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64ec30c702d258a68d5fa072661304c3c566db12e94e154679794f8b6e91d7b

Request headers

:path: /cdn-cgi/apps/head/Wy5DViHqK8k66IcsaBGsxVs3vvQ.js
pragma: no-cache
cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.aha-music.com
referer: https://www.aha-music.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 857942
content-type: application/javascript; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E2CTDD89Q48SP1B4
x-amz-id-2: Ezfvd15FZtdhZwQNrSw7liUyhpl7B+u3BTYdBkYiCDMUcznO/wKtLt+SdpoqUUnLkMDk4DdF6pw=
last-modified: Wed, 21 Apr 2021 11:36:37 GMT
server: cloudflare
etag: W/"5c9a9b14f5b26575b6b1d0142a450a57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9SZmPZBIpjR%2F4Sz04UD1UeInYvzSffWKW2ycvuiuVwN06%2B8AHYOnYjxWvs%2FjgYIK%2F1ztBNoxal8qoHF12%2BYcvglfKTsCenm2Us5PQQKkRJuUHn36zTJ%2BwnFSEykzHg%3D%3D"}]}
x-amz-version-id: ecJQPwXnUHvgO1RoPu2STKs3I7f7zEGQ
cache-control: public, max-age=31536000
cf-request-id: 09d1f7958b00004a56fc3bc000000001
cf-ray: 64968ecf4dc64a56-FRA

GET
H2 200 widget.prod.min.js Show response
cdnjs.buymeacoffee.com/1.0.0/ 6 KB
3 KB 65ms
35ms Script
application/javascript 2606:4700:20::681a:b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.buymeacoffee.com/1.0.0/widget.prod.min.js
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3488d0194cc5aa29056cd44d1564c46c629e5a335ae3baa073e2baf57865aea

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: ddfbe8cd-5746-470e-af8b-dc480fe67201
date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: br
x-language: en
nel: {"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d1f7959f00004e3ec3ac3000000001
server: cloudflare
etag: W/"8ccf77dde47b09484db34f09ef2b1fdf-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XgiiWovmhdPx08Fzk9GZ25Jt656F%2FUJxUV%2BWlV7xdwKlA1vEJ2p%2B3GRdEldIhKAqPZdTZH5oywySxA7hcTEtjPnq7crTG8QlQEAJsXGgtUuaSkTHTVb%2F3%2Bsrf0XCAzH4xGMY"}],"group":"cf-nel"}
content-type: application/javascript
x-country: DE
cache-control: public, max-age=31536000, must-revalidate
cf-ray: 64968ecf6bf84e3e-FRA

GET
H3-29 200 uQaqhgzNHvqjiTCaaP7Yn_sEiS4.js Show response
www.aha-music.com/cdn-cgi/apps/body/ 2 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aha-music.com/cdn-cgi/apps/body/uQaqhgzNHvqjiTCaaP7Yn_sEiS4.js
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/cdn-cgi/apps/head/Wy5DViHqK8k66IcsaBGsxVs3vvQ.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfe860a2ab24bbb47c49379451e12c69358ef8a10dc17e9592049ffa7403f1d

Request headers

:path: /cdn-cgi/apps/body/uQaqhgzNHvqjiTCaaP7Yn_sEiS4.js
pragma: no-cache
cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.aha-music.com
referer: https://www.aha-music.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 857941
content-type: application/javascript; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RBMQEDWWX75K720P
x-amz-id-2: c8GartmJeHldtLBOtevD2Mg6Ink/rsmRp3fiirF/WTNGRqB9CUZ3V26Xm6tDP2ZMfHBOVB5W1xM=
last-modified: Wed, 21 Apr 2021 11:36:37 GMT
server: cloudflare
etag: W/"b0a208e266b0c775ebb4754d877a7d8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LWF%2B8V1%2BT9XzGoQj8MlEAKdsrm3TpOCvIs74fxc5ERp4ayNIUNBYZM%2FkXujFsamujEOa97g35nFBn6Dc0oRqCgGo3RqlWMJCFkBSDHPR7%2FZoqxkzty9y2t4R7OJ60Q%3D%3D"}]}
x-amz-version-id: 8oC8FqEIBhGO69CqR4ygIid_ZPBz8aXY
cache-control: public, max-age=31536000
cf-request-id: 09d1f795c400004a568e022000000001
cf-ray: 64968ecf9e364a56-FRA

GET
DATA 200
OK truncated
/ 430 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3-29 200 api.js Show response
www.aha-music.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 9ms
8ms Script
text/javascript 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aha-music.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.aha-music.com
referer: https://www.aha-music.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZjyfVb%2FEMRKiwcefQpT8sRzRqPMTbJBsGypwJuE2V1chdllxIaRVcMG724%2BcDi40dzQbPG98GOnIPZneIp%2BxergN3VyZJ2mq7lNqSR7uRBQHlfbqRR8qRT%2FqrZ1G2Q%3D%3D"}]}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 64968ed138bf4a56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d1f796c400004a56b594e000000001

GET
H3-29 200 acrcloud-logo.png
www.aha-music.com/ 9 KB
10 KB 507ms
506ms Image
image/png 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aha-music.com/acrcloud-logo.png
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545c416bf0b62932ab60d27ad6d495bd42b4e6a02e92f480c81dddda7f9838dc

Request headers

:path: /acrcloud-logo.png
pragma: no-cache
cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.aha-music.com
referer: https://www.aha-music.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9672
cf-request-id: 09d1f7972f00004a56b8a99000000001
last-modified: Wed, 18 Mar 2020 10:34:31 GMT
server: cloudflare
etag: W/"25c8-170ed358052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ZXSdQHCbSX6T08TssXk7cz%2Frpm8ojp4u7s0DPjxHWYoVmPtJuqLfNtyJsQbGlbpSMA1jGk4bC5gLYpJNbOV5h19a0bAle7bb9MkzpixTtHJru5EmabUjtaJNnlaAA%3D%3D"}]}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64968ed1e9be4a56-FRA

GET
DATA 200
OK truncated
/ 42 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba8319fda1e7ce329a90acf0efa643a5f0b4da10cd11a9ede9c1237221e818dd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 30ms
13ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 09d1f797430000c2f44387f000000001
last-modified: Fri, 30 Apr 2021 09:06:15 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"608bc887-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QO5T9xQ7xVsK5POthQmMvFvgfllY%2BGa2OsltjFbmPkI%2B0I8Vuzd7ZtGcj2U26ckakEwYn5spEWsOSVkVVUpSmHEyKDqgvsTPbLQF%2BV5q3FXZiU4muSU9k6khddKlS1Sw"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 64968ed20f52c2f4-FRA
expires: Wed, 05 May 2021 03:56:09 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 27ms
11ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2054327b1f4678abefcf46666f6ab7d2fff992ee07e0e67aa9ee8d597c03657c

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 16:41:48 GMT
server: cloudflare
etag: W/"3ee26b93-02fc-4737-be7e-adc801e11cd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 64968ed2383405cc-FRA
cf-request-id: 09d1f79762000005ccdd9ad000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 38ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

084063d1c007bb135bd9dac17880c5b6f32141440835e1d4824ecb962be9f7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "860 / 570 of 1000 / last-modified: 1619820675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21192
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:09 GMT

GET
H/1.1 200
OK 65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff
bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/ 22 KB
22 KB 404ms
194ms Font
application/font-woff 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://bmc-cdn.nyc3.digitaloceanspaces.com/Fonts/65d75eb0-2601-4da5-a9a4-9ee67a470a59.woff

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

162.243.189.2 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

ab4883df74435cbd0eb4d9ddfa492e7cc2a4be7ceff47fcefe82199aed9c4ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Origin: https://www.aha-music.com
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:53:26 GMT
last-modified: Wed, 02 May 2018 07:26:09 GMT
age: 163
etag: "edc05a13a301b3a6e023292eb0762d1c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=60000
content-length: 22051
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
x-amz-request-id: tx00000000000000855510a-00608f73b6-4d93f15-nyc3a

GET
H2 200 loader.svg
cdn.buymeacoffee.com/assets/img/widget/ 1 KB
1 KB 30ms
22ms Image
image/svg+xml 2606:4700:20::681a:b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.buymeacoffee.com/assets/img/widget/loader.svg
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc50845649eef3ca755e444896a607b1dd75260a815da51be1f67d2c2b7ce2d

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4685
x-amz-meta-sha256: 8dc50845649eef3ca755e444896a607b1dd75260a815da51be1f67d2c2b7ce2d
content-type: image/svg+xml
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d1f7976000004e3edbab0000000001
last-modified: Wed, 15 Apr 2020 14:21:42 GMT
server: cloudflare
etag: W/"ebcc5bf2ffe21dd55db07a33fe9fce60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SpGK3cDT1bEYijLwE0GCS0Pyd1gKeHTKLFbhVubxvyZytwr9owJOi6yTYMBliy107054EX7WGDQIYSGH8IXg7VIVT%2BXhy%2BaoPricv%2B2szRdfDjxrZCSC2wa4Odo1ijNUXg%3D%3D"}],"group":"cf-nel"}
x-amz-version-id: y778U96Hs9yxANBOcjeA5_0EDkx.kP0f
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 64968ed23fd14e3e-FRA
x-amz-cf-id: zK66U-Fstk2HYTL1u7oO9KpwxXS9cBVgy6Wds5lxSlYUH190E_OI7Q==
x-amz-meta-s3b-last-modified: 20200415T141908Z

GET
H2 200 coffee%20cup.svg
cdn.buymeacoffee.com/widget/assets/ 8 KB
4 KB 32ms
24ms Image
image/svg+xml 2606:4700:20::681a:b27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.buymeacoffee.com/widget/assets/coffee%20cup.svg
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241e4e553d88785f2ce15f635f3a2f10ed8f6642a4da85e48d17964cbe388152

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:09 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3553
x-amz-meta-sha256: 241e4e553d88785f2ce15f635f3a2f10ed8f6642a4da85e48d17964cbe388152
content-type: image/svg+xml
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d1f7976000004e3e6992b000000001
last-modified: Fri, 25 Sep 2020 11:10:28 GMT
server: cloudflare
etag: W/"5572d2019f86ec54861b019efe375dba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FeodlGkqnbgehknnOKORm%2BqKv8YSlgxV9FVm%2FNHWnu0%2Fzf6YS8ImkvEQcT3nARI%2Fr8jV%2FfMPRb4s6IIS4mTVsDVPK0FV4Yz%2Ffs75BbEVc6lGTeVsd1MXcRqcF6NIqS76Ww%3D%3D"}],"group":"cf-nel"}
x-amz-version-id: pOnwg.pZJ5gG3GmZBjcSPve4ZBA2xNmH
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
cf-ray: 64968ed23fce4e3e-FRA
x-amz-cf-id: KF6yEafS9WVAEEkdSDHBvFiV147_h6l2ocBtweCIAuPZlYbkeehVPw==
x-amz-meta-s3b-last-modified: 20200925T111011Z

POST
H3-29 204 result Show response
www.aha-music.com/cdn-cgi/bm/cv/ 0
738 B 16ms
16ms XHR
text/plain 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aha-music.com/cdn-cgi/bm/cv/result?req_id=64968ecbba26176e
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.aha-music.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=64968ecbba26176e
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.aha-music.com
referer: https://www.aha-music.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OcFZehfy%2FwZzPWZYyl3vAl%2BVClnhJdJVxh59TccRX%2Bgh6HLk6lSeq%2FT726VqucOEHsFT%2FVJzK3NkBjd5orYoWRjJIncJHEW8KjwXCZq3MvrcBATBt3ZWhotFxKO0Kw%3D%3D"}]}
set-cookie: __cf_bm=e2991c9a106dc1759e905e4cacbbf0bac93239ac-1620014170-1800-AeF+0hejQ0ngLMec/vigwpxNOXlck19qd7Iz4rWsr2lYnEHUc3HhCGp6nuFi9JnMiB0WN0iArIX+CYoTbASqlKDWPv/WHi+6of4R7XNU0GsEbjvzpdkJiecfvP/YH8nKR/j/e1r16hVK7VXjBbRC5tI=; path=/; expires=Mon, 03-May-21 04:26:10 GMT; domain=.aha-music.com; HttpOnly; Secure; SameSite=None
cf-ray: 64968ed29aa54a56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d1f7979e00004a56a78dc000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
32 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWC7PFB

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb1fd02189624a86c7963fdb274cc4c1ee58a9246cb2ab9117477d0d88e121ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32493
x-xss-protection: 0
last-modified: Mon, 03 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H3-29 200 pubads_impl_2021042701.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 29ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108684
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H2 200 c33c3b3cd522499c06e6.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 13 KB
5 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/c33c3b3cd522499c06e6.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/f5f5dd5a49dcbbe006ca.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eba4678fa0a351c47d18de41137b4a1e2aa94125f9e04e5e2540f9fa42492a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15547
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 4652
etag: W/"356b-qTgc5R8+ad2LDXSbgnn9QgEG6j0"
x-served-by: cache-fra19154-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 33ms
8ms Preflight
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.aha-music.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.aha-music.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 64968ed5e87b4e49-FRA
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
78 B 8ms
8ms XHR
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.aha-music.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 64968ed5f8924e49-FRA
vary: Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWC7PFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 935
date: Mon, 03 May 2021 03:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 03 May 2021 05:40:35 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/92813181936975/ 149 KB
31 KB 393ms
194ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/92813181936975/script.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWC7PFB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 937a4661479a0e4c4d8c22cc736cc9f893c427ecdc71b121da6e2f419a116088

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Apr 2021 21:10:37 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"25597-1791f782429"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H3-29 200 acrcloud-logo.png
www.aha-music.com/ 9 KB
10 KB 510ms
510ms Image
image/png 2606:4700:3035::ac43:c984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aha-music.com/acrcloud-logo.png
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/816687bab075811eb1fc.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c984 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545c416bf0b62932ab60d27ad6d495bd42b4e6a02e92f480c81dddda7f9838dc

Request headers

:path: /acrcloud-logo.png
pragma: no-cache
cookie: __cfduid=def3afa59dcc8df9fa1c2f76fbe7f02da1620014168; __cf_bm=e2991c9a106dc1759e905e4cacbbf0bac93239ac-1620014170-1800-AeF+0hejQ0ngLMec/vigwpxNOXlck19qd7Iz4rWsr2lYnEHUc3HhCGp6nuFi9JnMiB0WN0iArIX+CYoTbASqlKDWPv/WHi+6of4R7XNU0GsEbjvzpdkJiecfvP/YH8nKR/j/e1r16hVK7VXjBbRC5tI=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.aha-music.com
referer: https://www.aha-music.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9672
cf-request-id: 09d1f799cb00004a56b4030000000001
last-modified: Wed, 18 Mar 2020 10:34:31 GMT
server: cloudflare
etag: W/"25c8-170ed358052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8XDENO%2FVet33r8CdSy3A5%2Braf%2BN1Rk9cSWfEeKFFHptEu8zsfj2Tgkx81dxe3kOnvZx5YH6gOE5qV915zXDUv7hd9r8V%2FCybdYYuSe4E0t6NoAPR8myyHjUnIMJMjA%3D%3D"}]}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64968ed61fb84a56-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.aha-music.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aha-music.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 45ms
44ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3259106650563524&correlator=1696271881688166&output=ldjh&impl=fifs&eid=31060938%2C31060735&vrg=2021042701&ptt=17&sc=1&sfv=1-0-38&ecs=20210503&iu_parts=21816933321%2CAha-music.com_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1620014170&dt=1620014170614&dlt=1620014169467&idt=1135&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=626&adks=1831455630&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.aha-music.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200&msz=1x-1&ga_vid=2138946156.1620014171&ga_sid=1620014171&ga_hid=1239810693&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

185b932ec0174b3159d3abcbbaa8a952267f18b9112c368cd8bd9c298cb927e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4454
x-xss-protection: 0
google-lineitem-id: 5592558196
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138337065644
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.aha-music.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1bac27cdc39f9d3861cff4484fb58267.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1bac27cdc39f9d3861cff4484fb58267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1239810693&t=pageview&_s=1&dl=https%3A%2F%2Fwww.aha-music.com%2F&ul=en-us&de=UTF-8&dt=AHA%20Music%20-%20Song%20Finder%20for%20Browser%20%7C%20What%20song%20is%20this%3F%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1776928486&gjid=1874504960&cid=2138946156.1620014171&tid=UA-101242276-1&_gid=181841418.1620014171&_r=1&gtm=2wg4l3PWC7PFB&z=1137596275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aha-music.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ae55166c2c070443f92b.js Show response
cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ 33 KB
9 KB 6ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/ae55166c2c070443f92b.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/owlwang/ahamusic-public-dist/f5f5dd5a49dcbbe006ca.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4f6e033378d3cdd051b23ab96191f1280558a2f94bcb0da6079dcdea09a5612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 911
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 8785
etag: W/"8266-HRT+961Mc+E6h2DFYUMMZdEiWcA"
x-served-by: cache-fra19147-FRA, cache-hhn4043-HHN
date: Mon, 03 May 2021 03:56:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-101242276-1&cid=2138946156.1620014171&jid=1776928486&gjid=1874504960&_gid=181841418.1620014171&_u=YAhAAEAAAAAAAC~&z=1181737856

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 May 2021 03:56:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.aha-music.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03F5 0
0 18ms
17ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdnlX1TB7pMAYmgHKm-wY86KFANP4-MlLvVnqG9e7gjsFyJWs_pcB9kRfx_37aiUh9kVAtLUJMGzrWsjnCA9L8K8Ln_2hytQbwVBewp__aKg3uXysKJWzQIkGmVDrg3Zm2NyMeqihPUUa0t-GSLTcQSkhO4wLUb4Aw9fIJNaAgbgqyWm-FnOaI9A0DG4kb0NqmCHNlMHHpHRoQX0ZKQdF9sXUKs2hfSWIOeV-LY67s2ESf0zsL4zW4SaljU_hQ6J0QRz1I1fjjes0zt_g--T394DN03rGoSJCgsNjFicldNMCIqtHGvEFMwBo79eM&sai=AMfl-YRQ7Vq17S8uKDZx5e7OXYOdTH-3hG-N_AQHMVRmDE0XYxZIqi7goZrzMa7oKcTrTLZnHZO2m5CNzNHgTav6kX4sJ0mHL0EA6qarCMfpZeb-ySpV1U2wQFq1AYBS2dM&sig=Cg0ArKJSzN2kgPEAtQGpEAE&urlfix=1&adurl=

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H2 200 liveView.php Show response
live.sekindo.com/live/ Frame 03F5 35 KB
10 KB 50ms
20ms Script
text/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: f3dbac07edc89651dc151dfad122d4491a447481a89d29788e961ffe2538ba52

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03F5 116 KB
35 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 38ms
17ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5da0885bb2c76cc8a1e731b51af8e74a7b04b3e7b166d94b5062b13eaac57263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7649
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-101242276-1&cid=2138946156.1620014171&jid=1776928486&_u=YAhAAEAAAAAAAC~&z=747429130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-101242276-1&cid=2138946156.1620014171&jid=1776928486&_u=YAhAAEAAAAAAAC~&z=747429130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060938

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H2 200 prebid-ads.php Show response
live.sekindo.com/live/ Frame 03F5 2 KB
1 KB 17ms
16ms Script
text/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c5d9d6673cf880d4ed272a50fa5dff64739487720120d0252825ac87696ca86

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.sekindo.com/content/ClientDetections/ Frame 03F5 19 KB
6 KB 15ms
14ms Script
application/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
etag: W/"5e441350-4be0"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 03 May 2022 03:56:10 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.sekindo.com/content/ClientDetections/ Frame 03F5 9 KB
3 KB 15ms
15ms Script
application/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:49 GMT
server: nginx
etag: W/"6024fccd-228f"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 03 May 2022 03:56:10 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.sekindo.com/content/ClientDetections/ Frame 03F5 8 KB
3 KB 15ms
15ms Script
application/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
etag: W/"6024fccc-1ef8"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 03 May 2022 03:56:10 GMT

GET
H2 200 hls.0.12.4_2.min.js Show response
live.sekindo.com/content/video/hls/ Frame 03F5 256 KB
86 KB 18ms
18ms Script
application/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 08:36:05 GMT
server: nginx
etag: W/"5f34fb75-3ff27"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 03 May 2022 03:56:10 GMT

GET
H2 200 prebidVid.4.8.0_5.min.js Show response
live.sekindo.com/content/prebid/ Frame 03F5 319 KB
119 KB 31ms
31ms Script
application/javascript 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: df8b8eed2ce43f8c47485a39b1d4b3c2b1f2253c7c74584392583da180160072

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
last-modified: Sun, 04 Apr 2021 12:51:49 GMT
server: nginx
etag: W/"6069b665-4fb4c"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Tue, 03 May 2022 03:56:10 GMT

GET
H2 200 liveVideo.php Show response
live.sekindo.com/live/ Frame 03F5 489 KB
135 KB 61ms
61ms Script
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/prebid-ads.php?s=99303&cbuster=2038748543&pubUrl=aha-music.com&x=500&y=281&vp_content=plembed1340ypuzhvgx&vp_template=5522&subId=[SUBID_ENCODED]&cbuster=1620014170&debugInformation=ABT%20/%20AdBck%20/%201%20/%20default&pubUrlAuto=https%3A%2F%2Fwww.aha-music.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: ea269cc58b756729fe62648248d643f60fb4d5219d0ce0d41976737bf016eda4

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame EABC 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 02 May 2021 22:30:28 GMT
expires: Mon, 02 May 2022 22:30:28 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19542
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame EABC 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 21:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 197109
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Sat, 30 Apr 2022 21:11:01 GMT

GET
H2 200 primisslate.css
live.sekindo.com/content/video/css/ 17 KB
5 KB 14ms
14ms Stylesheet
text/css 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/video/css/primisslate.css
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 10:07:25 GMT
server: nginx
etag: W/"5f3ba85d-45c8"
content-type: text/css

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 03F5 126 KB
33 KB 44ms
14ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 06:48:26 GMT
content-encoding: gzip
server: Server
age: 76063
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id: _rRpG2NkJc41bIPVaindZhsT8ud-7Fkc3ft66SP5xjTNozlnZ429lg==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
644 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 02:13:03 GMT
server: ESF
date: Mon, 03 May 2021 03:56:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 03:56:10 GMT

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 98AF 8 KB
3 KB 62ms
18ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=91300
Expires: Tue, 04 May 2021 05:17:50 GMT
Date: Mon, 03 May 2021 03:56:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.sekindo.com/live/ Frame 011A
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=94&advUuid=7f670fd6-abc3-11eb-93d9-14f0ef8b0206

0
223 B

16ms
15ms

Document
text/html

185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=94&advUuid=7f670fd6-abc3-11eb-93d9-14f0ef8b0206
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: live.sekindo.com
:scheme: https
:path: /live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=94&advUuid=7f670fd6-abc3-11eb-93d9-14f0ef8b0206
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

server: nginx
date: Mon, 03 May 2021 03:56:10 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 03 May 2021 03:56:10 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=7f670fd6-abc3-11eb-93d9-14f0ef8b0206; expires=Tue, 03-May-2022 05:02:50 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=94&advUuid=7f670fd6-abc3-11eb-93d9-14f0ef8b0206
X-fe: 103
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H2

200

liveCS.php Show response
live.sekindo.com/live/ Frame 2CF2
Redirect Chain

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D98%26advU...
https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D98%2...
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=98&advUuid=a2517148-c62d-467f-85fa-be62e2287e12

0
223 B

18ms
17ms

Document
text/html

185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=98&advUuid=a2517148-c62d-467f-85fa-be62e2287e12
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: live.sekindo.com
:scheme: https
:path: /live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=98&advUuid=a2517148-c62d-467f-85fa-be62e2287e12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

server: nginx
date: Mon, 03 May 2021 03:56:10 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

vary: Accept, Accept-Encoding
set-cookie: i=8658a8a1-23ec-417b-9b49-e0a96a470efa|1620014170; Version=1; Expires=Tue, 03-May-2022 03:56:10 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.206.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=98&advUuid=a2517148-c62d-467f-85fa-be62e2287e12
date: Mon, 03 May 2021 03:56:10 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 8463 2 KB
1 KB 78ms
23ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 0fafb552a5b9db2173674985a5729d3deab8a986cf3c95b18858fbcb8af9d0cd

Request headers

Host: s.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Server: VertaMedia 1.0
Date: Mon, 03 May 2021 03:56:10 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 921
Access-Control-Allow-Origin: https://www.aha-music.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 liveView.php Show response
live.sekindo.com/live/ Frame 03F5 7 KB
2 KB 36ms
30ms XHR
application/json 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn4%2Fvideo%2Fusers%2Fconverted%2F29874%2Fvideo_5ffd67c61a4a3816983584%2Fvid600e6497d22db751474230.mp4&vid_content_id=1294822&vid_content_desc=Jazmine+Sullivan+-+Heaux+Tales+EP+REVIEW&vid_content_title=Jazmine+Sullivan+-+Heaux+Tales+EP+REVIEW&vid_content_duration=428&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&x=400&y=225&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=608f745ab3d80&cbuster=1620014170885&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c80d3744eee400549417a0fd3a454e836fb8f1fd040a3e320a0228577d8d68f

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.aha-music.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1458

GET
H/1.1 200
OK vid600e6497d22db751474230.jpg
video.primis.tech/uploads/cn4/video/users/converted/29874/video_5ffd67c61a4a3816983584/ 19 KB
19 KB 72ms
22ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn4/video/users/converted/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.jpg?cbuster=1611556013

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

b0c128a4a4d72f46203d918df8c11774101cb838b5a1522449f5e0c52fcaa3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Mon, 25 Jan 2021 07:20:32 GMT
Server: Tengine
ETag: "600e7140-4bc1"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 19393
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608ac40564133072125102.jpg
video.primis.tech/uploads/cn2/video/users/converted/29874/video_5ffd67c61a4a3816983584/ 22 KB
22 KB 72ms
21ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn2/video/users/converted/29874/video_5ffd67c61a4a3816983584/vid608ac40564133072125102.jpg?cbuster=1619706905

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

48b20ab167d41a539b322c9836e032ed9898fa58ebd39c6b762b49ca1c508b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Thu, 29 Apr 2021 16:45:57 GMT
Server: Tengine
ETag: "608ae2c5-585c"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 22620
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5f88412f41ac1262521908.jpg
video.primis.tech/uploads/cn4/video/users/converted/30145/video_5f88306f96adf233529775/ 13 KB
14 KB 66ms
16ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn4/video/users/converted/30145/video_5f88306f96adf233529775/vid5f88412f41ac1262521908.jpg?cbuster=1603295897

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

efb2d294de01c08e183611b3e4dc4b46ee34e387e621c15c8ba0947925c29abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Thu, 15 Oct 2020 12:40:02 GMT
Server: Tengine
ETag: "5f884322-3522"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 13602
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eaf0cd77df157546083.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 9 KB
10 KB 65ms
14ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eaf0cd77df157546083.jpg?cbuster=1619963670

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

fc59b47eb644a7b8cb715dccb44851074433aae55a65a7debc8013b4dda8db34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:56:24 GMT
Server: Tengine
ETag: "608eaf88-258f"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 9615
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eaf1b801da256947173.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 11 KB
11 KB 65ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eaf1b801da256947173.jpg?cbuster=1619963683

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

72f15ab47840516adf69592a1a3469656129af1352b9eac5f6d63cdc068bbc64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:56:51 GMT
Server: Tengine
ETag: "608eafa3-2c37"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11319
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608f06267c101650138125.jpg
video.primis.tech/uploads/cn5/video/users/converted/28530/video_5f5879b7d1d11852312889/ 17 KB
17 KB 71ms
21ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/28530/video_5f5879b7d1d11852312889/vid608f06267c101650138125.jpg?cbuster=1619985967

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

b8b0577a80201d05a5728fb39e193078ed6a48a7f2b23e0a2b44b011baa26d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 20:06:50 GMT
Server: Tengine
ETag: "608f065a-444b"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 17483
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eae749ceae672828359.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 14 KB
15 KB 16ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eae749ceae672828359.jpg?cbuster=1619963514

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

98ce445d92327ec6e0d63247847bb336c5eaf704fcd039d03113140a9a353813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:53:01 GMT
Server: Tengine
ETag: "608eaebd-393b"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 14651
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eaeef5bdd8701135598.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 18 KB
18 KB 16ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eaeef5bdd8701135598.jpg?cbuster=1619963636

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

ef4bf51176acbcf63305662fe622b75d1d2e16c37d3271c9f8ab16f1b72558b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:56:13 GMT
Server: Tengine
ETag: "608eaf7d-4649"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 17993
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608f0612a3622552355819.jpg
video.primis.tech/uploads/cn5/video/users/converted/28530/video_5f5879b7d1d11852312889/ 19 KB
20 KB 16ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/28530/video_5f5879b7d1d11852312889/vid608f0612a3622552355819.jpg?cbuster=1619985945

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

050e2b10197c5b3e627eb01a4f8639a3ef26d881a0502fa83e5f8d41e64b1d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 20:06:43 GMT
Server: Tengine
ETag: "608f0653-4d34"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 19764
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608ac44c5586d045335564.jpg
video.primis.tech/uploads/cn2/video/users/converted/29874/video_5ffd67c61a4a3816983584/ 18 KB
18 KB 16ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn2/video/users/converted/29874/video_5ffd67c61a4a3816983584/vid608ac44c5586d045335564.jpg?cbuster=1619706974

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

538ffb02a394cc2e9241b29eb65900685df30989a5d8df07fa4fb09ba782ad8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Thu, 29 Apr 2021 16:46:11 GMT
Server: Tengine
ETag: "608ae2d3-46a7"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 18087
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eaecd84789933470259.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 11 KB
11 KB 15ms
14ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eaecd84789933470259.jpg?cbuster=1619963600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

bf4b726e00f4ac727c109c26141024e8dcc5e17268d1f3f119a492f5c2f5748c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:54:32 GMT
Server: Tengine
ETag: "608eaf18-2ad1"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 10961
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eaf54f34cc672020864.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 14 KB
14 KB 15ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eaf54f34cc672020864.jpg?cbuster=1619963736

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

61c3b08e3e2fc6d96995d82e6090a92ceff78bf597f1180013caeed0cce99a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:58:50 GMT
Server: Tengine
ETag: "608eb01a-374d"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 14157
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eae607cb84403018269.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 11 KB
11 KB 15ms
14ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eae607cb84403018269.jpg?cbuster=1619963490

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

fc086cbe77639c3ddd5b1ab3d6d6073d868532e69d2e13d16184473fde25b2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:52:33 GMT
Server: Tengine
ETag: "608eaea1-2b08"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11016
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608eaf669d164228859020.jpg
video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/ 11 KB
12 KB 14ms
14ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/30402/video_6007ec1069f41301617978/vid608eaf669d164228859020.jpg?cbuster=1619963755

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

8900958167b73d73b80a207206affb2ffc041ecb053f57d0c814d359b00b0d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 13:59:25 GMT
Server: Tengine
ETag: "608eb03d-2dd2"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11730
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid608f0639c9c0d361552409.jpg
video.primis.tech/uploads/cn5/video/users/converted/28530/video_5f5879b7d1d11852312889/ 31 KB
31 KB 16ms
15ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn5/video/users/converted/28530/video_5f5879b7d1d11852312889/vid608f0639c9c0d361552409.jpg?cbuster=1619985982

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

1a1903a3907af4f6f77417b33bdc64e871a01e2fae867d5917d9cd9b2a10a9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Sun, 02 May 2021 20:07:05 GMT
Server: Tengine
ETag: "608f0669-7b0e"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 31502
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 20ms
18ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=50&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&diaid=&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014170880&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 sync
x.bidswitch.net/ Frame 03F5 43 B
145 B 17ms
14ms Image
image/gif 52.58.45.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&user_id=608f745ab3d80&custom_data=608f745ab3d80&gdpr=1&gdpr_consent=
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.45.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

liveCS.php
live.sekindo.com/live/ Frame 03F5
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=93&advUuid=2778b9f3-44ee-4244-900c-29f93503f347

0
223 B

17ms
16ms

Image
text/html

185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=93&advUuid=2778b9f3-44ee-4244-900c-29f93503f347
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

location: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=93&advUuid=2778b9f3-44ee-4244-900c-29f93503f347
date: Mon, 03 May 2021 03:56:10 GMT
server: _
content-length: 0

GET
H2

200

liveCS.php
live.sekindo.com/live/ Frame 03F5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D99%26advUuid%3D&C=1
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=99&advUuid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

0
223 B

15ms
15ms

Image
text/html

185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=99&advUuid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=99&advUuid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Expires: Mon, 03 May 2021 03:56:10 GMT

GET
H2

200

liveCS.php
live.sekindo.com/live/ Frame 03F5
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D608f745ab3d80%2526pixel%253D%2526advId%253D105%2526ad...
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=105&advUuid=7523185923035086846

0
223 B

16ms
16ms

Image
text/html

185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=105&advUuid=7523185923035086846
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:10 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid: a33f9206-5eed-4428-9618-16f9d2809c10
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=608f745ab3d80&pixel=&advId=105&advUuid=7523185923035086846
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 03F5 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9034b8c6d9ba4394f00c1d9beef4311bfbc448a1ac8a8791c708325c229a8beb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.aha-music.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 542450
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 26 Apr 2022 21:15:20 GMT

GET
H2 200 liveView.php Show response
live.sekindo.com/live/ Frame 03F5 37 KB
2 KB 31ms
28ms XHR
application/json 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn4%2Fvideo%2Fusers%2Fconverted%2F29874%2Fvideo_5ffd67c61a4a3816983584%2Fvid600e6497d22db751474230.mp4&vid_content_id=1294822&vid_content_desc=Jazmine+Sullivan+-+Heaux+Tales+EP+REVIEW&vid_content_title=Jazmine+Sullivan+-+Heaux+Tales+EP+REVIEW&vid_content_duration=428&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&x=400&y=225&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=608f745ab3d80&cbuster=1620014170951&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30352D30335F30367D7B7331313236373537387D7B4335377D7B53643364334C6D466F5953317464584E705979356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583530307D7B593238317D7B66317D7B7251554A554943386751575243593273674C794178494338675A47566D5958567364413D3D7D7B4C353532327DFEFE&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+AdBck+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=608f745ab3d80&debugInfo=11267578_ABT+%2F+AdBck+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=11267578&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1340ypuzhvgx&secondaryContent=&x=500&y=281&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=sticky&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=5522&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 5229c1b57bfd8d5294de4b9df14ec9bfe2538b51eea22ab2f35e808b32cdac38

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.aha-music.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2213

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 03F5 6 KB
3 KB 42ms
14ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 68393
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Sun, 02 May 2021 08:56:19 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: SpZpc_7zsXTQh5_2FcMGWDx2lFx43R8F794YrefDaSHi_X686SLqjA==

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 296ms
98ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H/1.1 200
OK pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 0E1F 18 KB
6 KB 313ms
101ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3a59c27495827e4143463e6e0f8d4e97188e9e29792cd34128f17e0dcb18af5d

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Apr 2021 17:59:13 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"608c4571-4620"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 04 May 2021 03:56:11 GMT

GET
H/1.1 200
OK prebid.js Show response
hb.brainlyads.com/ Frame 0E1F 404 KB
125 KB 411ms
200ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/prebid.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2522a9407560dfbfb46c6db5598b76a6aace3507e2912b71c785c2c9305a8e81

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 23:51:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"6089f4fc-6508b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 04 May 2021 03:56:11 GMT

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 11 KB
2 KB 302ms
106ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.aha-music.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 872bc0a14f0dfe009d247731a8d1bebac7769a2b159310bbf25be4e9e34366a8

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2c5d-P5yrFwpz1/mwhDWThNYTMcxaPeI"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.aha-music.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK vid600e6497d22db751474230.jpg
video.primis.tech/uploads/cn4/video/users/converted/29874/video_5ffd67c61a4a3816983584/ 19 KB
19 KB 14ms
14ms Image
image/jpeg 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.primis.tech/uploads/cn4/video/users/converted/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.jpg?cbuster=1611556013

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),

Reverse DNS

Software

Tengine /

Resource Hash

b0c128a4a4d72f46203d918df8c11774101cb838b5a1522449f5e0c52fcaa3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:08 GMT
Last-Modified: Mon, 25 Jan 2021 07:20:32 GMT
Server: Tengine
ETag: "600e7140-4bc1"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 19393
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3A30 38 KB
14 KB 20ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D608f745ab3d80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=105046
Expires: Tue, 04 May 2021 09:06:56 GMT
Date: Mon, 03 May 2021 03:56:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 03F5 0
218 B 78ms
22ms XHR
application/json 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-45-128.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 03F5 0
1 KB 92ms
39ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
X-SpotX-Timing-Transform: 0.000320
X-SpotX-Timing-SpotMarket: 0.019610
X-SpotX-Timing-Page-Mux: 0.000244
X-SpotX-Timing-Page-Require: 0.000304
X-fe: 033
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
X-SpotX-Timing-Page: 0.023993
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000299
Last-Modified: Mon, 03 May 2021 03:56:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.014882
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.aha-music.com
X-SpotX-Timing-Page-Misc: 0.003178
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.004728
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 03F5 67 B
582 B 77ms
38ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1620014170996&pKey=83331326&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.aha-music.com%2F&playerSize=400x225&schain=1.0,1!primis.tech,20535,1,,,
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:11 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1620014170838029-346
Expires: Mon, 03 May 2021 03:56:11 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 03F5 0
117 B 51ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
date: Mon, 03 May 2021 03:56:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 liveView.php
live.sekindo.com/live/ 43 B
298 B 19ms
19ms Image
image/gif 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1620014170&vid_playerVer=3.1.0&s=58057&sta=14427460&x=400&y=225&msta=11267578&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014170990&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 62BC 2 KB
1 KB 79ms
25ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=609724
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 06b0f91f690a5ddc096187307c63af0de19dc9d61cc95ef686e283c843895bb9

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Mon, 03 May 2021 03:56:10 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 901
Access-Control-Allow-Origin: https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

Cookie set csync Show response
sync.console.adtarget.com.tr/ Frame 3610
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=laq0V7zUOx0jE7jTM9b6&pi=admatic&tc=1

86 B
547 B

796ms
387ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=laq0V7zUOx0jE7jTM9b6&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Mon, 03 May 2021 03:56:11 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=d8d9c83a7c85dad5; expires=Sun, 04 Jul 2021 03:56:11 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=laq0V7zUOx0jE7jTM9b6; expires=Sun, 04 Jul 2021 03:56:11 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date: Mon, 03 May 2021 03:56:11 GMT Mon, 03 May 2021 03:56:11 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=laq0V7zUOx0jE7jTM9b6&pi=admatic&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame D257
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

3 KB
1 KB

21ms
21ms

Document
text/html

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: c9e213ccbfe5a18fe34daa88cd1d5578b6324d511341ddf4e61097ed111658e1

Request headers

:method: GET
:authority: ads.us.e-planning.net
:scheme: https
:path: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CT=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

server: openresty
date: Mon, 03 May 2021 03:56:11 GMT
content-type: text/html
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie: E=AKHFD1bpbbEG7YeS; path=/; domain=e-planning.net; expires=Mon, 01-May-2028 03:56:11 GMT; SameSite=None; Secure
expires: Mon, 03 May 2021 03:56:11 GMT
x-sid: AMS-739
content-encoding: gzip

Redirect headers

server: openresty
date: Mon, 03 May 2021 03:56:11 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid: AMS-739

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D007 8 KB
3 KB 23ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=91299
Expires: Tue, 04 May 2021 05:17:50 GMT
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK pbsync.html Show response
js.adscale.de/ Frame A9FA 3 KB
2 KB 59ms
18ms Document
text/html 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host: js.adscale.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

x-amz-id-2: gP4kyJgm9jhO0VUUdLTBT2FWpFhQmCAW/re9IS8ZQIJX8fTLSq2/YHJz4jHPt+LSgIODv8ND+4c=
x-amz-request-id: TJ1Q7NA6JYQADF0B
Last-Modified: Wed, 03 Mar 2021 00:56:54 GMT
ETag: "5550fca00caf055568d6ced373f2721f"
x-amz-version-id: ljUMRnw1Ux.L_G6sluuTuNwF_kYaf8ny
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1509
Cache-Control: max-age=300
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive

GET
H2 200 cookie Show response
cm.adform.net/ Frame BB37 43 B
106 B 109ms
45ms Document
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method: GET
:authority: cm.adform.net
:scheme: https
:path: /cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

server: nginx
date: Mon, 03 May 2021 03:56:11 GMT
content-type: image/gif
content-length: 43

GET
H2 200 user Show response
cdn.admatic.com.tr/ Frame 8048 251 B
602 B 36ms
7ms Document
text/html 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admatic.com.tr/user
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method: GET
:authority: cdn.admatic.com.tr
:scheme: https
:path: /user
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-481
cdn-pullzone: 266102
cdn-uid: bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode: DE
cdn-edgestorageid: 481
cdn-storageserver: DE-51
cache-control: public, max-age=3600
last-modified: Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat: 2021-05-03 01:40:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-requestid: 08e579d7305c1b40be7fefc0954bdcf0
cdn-cache: HIT
content-encoding: gzip

GET
H/1.1

200
OK

csync
sync.console.adtarget.com.tr/ Frame 8463
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-b23f9d7b-4e22-45a3-909c-0b5c805b8617

86 B
566 B

913ms
387ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-b23f9d7b-4e22-45a3-909c-0b5c805b8617
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

location: https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-b23f9d7b-4e22-45a3-909c-0b5c805b8617
date: Mon, 03 May 2021 03:56:11 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 8463 86 B
402 B 791ms
54ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?redir=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3A30 0
75 B 68ms
23ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=85884761&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:10 GMT
Content-Length: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03F5 0
0 32ms
17ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveiO8f-p-ZudQaurRkKLnKJpeVuxJKfZAzUummyn1vH_uSqf1VZj2Q3kwOG-D_NQFqf3DBHfyY9TR2BYMWIW1kaOA0ETBYDlstHrVjys8P2IWPXICpVHQ8c-Fdx9PkYKXe3_PAIC55v0L7cnoiD8JCiUK47b9Fg0wElW9W_f4_iUG3w0QB-KKCHc-R-bvVSMFozulqPeza7f_Y_t8bWrQgk0jqqETgoPsZ-6T2BzzZkKTAPYt9jDTCILqvWlyTA8AvcopCTAKzXb6q02DYCi1NIpPtHBmt6kNN-Xs6VjvoO3OMugWkO5apAHyFDgozLQ&sai=AMfl-YQ2Rj7t3PTUUlLJBVD7gqfVfxlwlUU7Whn4K2R-3SNA2t8THWViXHNVgjJH3B0-e5oP6my8kRWxaDwK-9n2Et3jsSF5RWK2qktjHKvdVuPQ7xR6UzdZLQxoACD-R38&sig=Cg0ArKJSzLBnQ_MAM7kZEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 03:56:11 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0C58 38 KB
14 KB 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=105045
Expires: Tue, 04 May 2021 09:06:56 GMT
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 bundle.js Show response
cdn.admatic.com.tr/user/ Frame 8048 54 KB
20 KB 55ms
54ms Script
application/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admatic.com.tr/user/bundle.js
Requested by: Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer: https://cdn.admatic.com.tr/user
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-encoding: br
cdn-edgestorageid: 481
cdn-storageserver: DE-51
cdn-cachedat: 2021-05-02 23:22:00
cdn-pullzone: 266102
last-modified: Fri, 12 Mar 2021 04:24:48 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control: public, max-age=3600
cdn-requestid: 9ed8ba73cb632d56ae84a20cb8a1b54f
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

uu Show response
ih.adscale.de/ Frame A9FA
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1620014171
https://ih.adscale.de/uu?cbfn=receive&t=1620014171&nut&uu=055412cfcf384058808ab07f1c1e5023

44 B
213 B

14ms
14ms

Script
text/javascript

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1620014171&nut&uu=055412cfcf384058808ab07f1c1e5023
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 67b8e3fc7a54a958feacef9881fb6534de8ef10dd87b324b0084b20ebf6d99a2

Request headers

Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1620014171&nut&uu=055412cfcf384058808ab07f1c1e5023
date: Mon, 03 May 2021 03:56:11 GMT
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 03F5 0
61 B 51ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
date: Mon, 03 May 2021 03:56:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 d
ic.tynt.com/r/ Frame 84CB 0
0 360ms
113ms Document
text/plain 67.202.110.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.adtelligent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

server: nginx/1.16.1
date: Mon, 03 May 2021 03:56:11 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 62BC
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=aed4ba2c45aeb3da

35 B
232 B

48ms
15ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=aed4ba2c45aeb3da
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=aed4ba2c45aeb3da
Date: Mon, 03 May 2021 03:56:12 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 62BC
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=83bff1cb08c00d6dda4fa9f2

86 B
535 B

2635ms
388ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=83bff1cb08c00d6dda4fa9f2
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Date: Mon, 03 May 2021 03:56:11 GMT
Server: nginx
Location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=83bff1cb08c00d6dda4fa9f2
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 62BC
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a

86 B
547 B

1888ms
388ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: d0kujb29rfkvn2v93kqj7th6cap2hb8c

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 62BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7523185923035086846

86 B
530 B

2270ms
388ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7523185923035086846
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:11 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid: fbec4d09-a7f1-469b-9071-46b6879cd998
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7523185923035086846
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.console.adtarget.com.tr/ Frame 62BC
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=aed4ba2c45aeb3da

86 B
543 B

388ms
387ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=aed4ba2c45aeb3da
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Location: https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=aed4ba2c45aeb3da
Date: Mon, 03 May 2021 03:56:12 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042701&jk=3259106650563524&bg=!cXKlcjbNAAZLnZBaS507ACkAdvg8WiV9kVeZx3WHLpGutszUKQQPeVrIXOT4kdhmLkE3RNrjV0Y6_gIAAADjUgAAABBoAQcKAVwC3HMLg5pAjxU-UujX3HVF-CK_qM-JqNZwdlhQz2G6_Eq2TEQrVtpp-WrVPtBW3XJbhTJ2K7oQl3nwxTQijZICeNpDF4Ehw7nHoeoqXfFQgQ3X2a38x4wwduopRhgTgLFIMkPjRQbKbL6v2P1ymjm0C6Ni-wC6xTMAQ0fFsB-moE83XEC6k4oS3lpi55LE5JraxVDXouc8E-aGSkMfJCy8ySnW1WBGVoaKB5q08K3sU84DBSa4mhsgAlFdwimOh3s1RNHLx5xwbxQ2pHPZgh1v3tIvd9n-7kBnIt3MEzlja32AoGojApCQm_2blLtExhlPfRSaRS-AkiPApp1iah2CsZBETXTdKjiLISxNTIFP95cr3HFUf9bJEsg9CvVEkktetNJGGlhSucLPfkBoGX8HosiExtdXga6zqrrFG-klbcX2BepbtBrCsaVRtx2Yue6jXH0ELmVC3-OswdqZAj50bgaf8BvlTF-PAQQQ_mCNDGY06PS3D_CnN_a0SqQFo705stvDlDMW6DBZhOcUqjRUTDdP-laU2n6yeAoUguyFgYmcwANh2vc6UHT1XPsVjNTtaPOcR6RwJh5_b4SlB_uKlOf7ecAgW519cQPXPlq-WaBipurXaqlTL5KSdjsoH42YAZP_FSNhlX1Eb1bva8v0aoCtjEnIdjB1KdQUJ4Rz9ZVtgSLN5KNIHMzuVXhtzCcgIb6TLBkFRGiJ3X7ALnIPLf3sAqOFaUzktgzt9pwTFanFns23dkCqpAh81gZMh6oEX-oQjnXB9TkHKaX_NBsgWpweoNyIYNQvyfoe9iyTgN6cUsoJxyyvmjkYnpdLZGC7JG3WrvxUdJzOUxEiCU7-GnAaV7A5roio6VbqOkEDfnwoVFmKxgegziQ4FOmhkU3AN5stxcd4L4ZGAxWXBGIn6tYCpk6NHzoRwuMdIRWQRSp_1ERb6o69IB7HcyjWiIjJdg561o39EYDoz2NG0NPV6JR7I8MeZBM0ylC_5vatG_Dh4Y5h8H6WicshY4cnIA48pLHD4lQBq6MyCO_7FXUww7OAA-Fu6Y1GJTsRc_jvrPH_l4Vcyn4P1FWoJR1_lLZqmrI5NzmZ8w1_29PH7sw4aZxhVOSvrR1LckJQP7jRt-bsy5-2MHNyws7VAq3l4IoH8upT6FuwKR52NLVOWVR7cbTH1oCGDuxgRgCCSc0tN7SaDdu9fPt1b_XZKtdbvvOfv42k51VZ5QqZ9aiO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame D257
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7082973f7bb48dba
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7082973f7bb48dba

42 B
103 B

16ms
16ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7082973f7bb48dba
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:26 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:26 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7082973f7bb48dba
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

um
sync.e-planning.net/ Frame D257
Redirect Chain

https://sync.1rx.io/usersync2/eplanning
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4558667635
https://sync.1rx.io/usersync/tradedesk/bda644ec-55de-48a5-af09-ed9088c1d433
https://sync.targeting.unrulymedia.com/csync/RX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003%26dc%3D1079...
https://sync.e-planning.net/um?uid=RX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003&dc=1079cc634ca638f8&iss=1

42 B
103 B

14ms
14ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=RX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003&dc=1079cc634ca638f8&iss=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:18 GMT
server: openresty
content-type: image/gif

Redirect headers

location: https://sync.e-planning.net/um?uid=RX-32cbabf8-3fc3-4c4f-8b64-ac0c0355a3ff-003&dc=1079cc634ca638f8&iss=1
date: Mon, 03 May 2021 03:56:18 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX32cbabf83fc34c4f8b64ac0c0355a3ff003
content-type: text/html

GET
H2 200 dataxpand_28122020.js Show response
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame D257 39 KB
14 KB 3358ms
29ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:45:03 GMT
server: openresty
etag: W/"5fea0b8f-9a72"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 02 May 2026 03:56:14 GMT

GET
H2 200 tm60118.js Show response
tag.navdmp.com/ Frame D257 12 KB
4 KB 34ms
12ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm60118.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3063
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09d1f79c0900004ed952059000000001
last-modified: Wed, 18 Nov 2020 16:32:07 GMT
server: cloudflare
etag: W/"5fb54c87-2ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 64968ed9a9514ed9-FRA
expires: Mon, 03 May 2021 04:05:08 GMT

GET
H2 200 retargetly_030920.js Show response
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame D257 2 KB
1 KB 3359ms
30ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 18:45:03 GMT
server: openresty
etag: W/"5f5139af-857"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 02 May 2026 03:56:14 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame D257
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7082973f7bb48dba%26uid%3D%24%7BUID%7D
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7082973f7bb48dba&uid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a

42 B
104 B

53ms
16ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7082973f7bb48dba&uid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7082973f7bb48dba&uid=6c2a1837-33f4-4d65-aa13-e8548f3bff8a
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 0rslii0t71hka75u5lmsmft51ue4la2c

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame D257 5 KB
2 KB 7689ms
100ms Script
text/plain 34.192.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ec280066bf73144ca489e17349293da20108290ebfde1e1b8840e3435f53ad12

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:18 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1682

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame D257 266 B
415 B 3360ms
31ms Script
application/x-javascript 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Sat, 02 May 2026 03:56:14 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame D257 0
104 B 110ms
62ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D7082973f7bb48dba%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame D257
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D7082973f7bb48dba
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

95 B
222 B

15ms
15ms

Image
image/png

168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date: Mon, 03 May 2021 03:56:11 GMT
server: nginx/1.10.3
content-type: text/html; charset=UTF-8

GET
H2

200

um
u-ams02.e-planning.net/ Frame D257
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7082973f7bb48dba%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7082973f7bb48dba&uid=7523185923035086846

42 B
103 B

33ms
16ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7082973f7bb48dba&uid=7523185923035086846
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:11 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: a9c3665b-ae31-4548-a0e8-4eab4a428d10
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7082973f7bb48dba&uid=7523185923035086846
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame D257 0
474 B 61ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D7082973f7bb48dba%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.e-planning.net/ Frame D257
Redirect Chain

https://ups.analytics.yahoo.com/ups/58414/occ
https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-.Slqo6RE2uHT5gfct7f61n_YOvTzCTf6iakX2oM-~A

42 B
104 B

1070ms
13ms

Image
image/gif

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-.Slqo6RE2uHT5gfct7f61n_YOvTzCTf6iakX2oM-~A
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Mon, 03 May 2021 03:56:15 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-.Slqo6RE2uHT5gfct7f61n_YOvTzCTf6iakX2oM-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/ Frame D257
Redirect Chain

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D7082973f7bb48dba%26uid%3D%7B%24UID%7D
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7082973f7bb48dba&uid=61c065ec1696f79439e719708577bce141ab5263

42 B
103 B

17ms
16ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7082973f7bb48dba&uid=61c065ec1696f79439e719708577bce141ab5263
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
server: openresty
content-type: image/gif

Redirect headers

Location: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7082973f7bb48dba&uid=61c065ec1696f79439e719708577bce141ab5263
Date: Mon, 03 May 2021 03:56:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 test_dmp.html Show response
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame D257 0
0 3359ms
30ms Script
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D2B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

307ms
18ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 May 2021 03:56:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date: Mon, 03 May 2021 03:56:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8E74 8 KB
3 KB 21ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7082973f7bb48dba%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=91299
Expires: Tue, 04 May 2021 05:17:50 GMT
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D8D9 38 KB
14 KB 20ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7082973f7bb48dba%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7082973f7bb48dba%26uid%3D

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=105045
Expires: Tue, 04 May 2021 09:06:56 GMT
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 18ms
18ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014171153&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:10 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK userconnect.js Show response
js.adscale.de/ Frame A9FA 14 KB
5 KB 19ms
19ms Script
application/javascript 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 00:56:54 GMT
Server: AmazonS3
x-amz-request-id: FSVMN4NAT29K7A67
ETag: "98f37b242862929d9aef4bde91abc8ad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4485
x-amz-id-2: 6QUOYCNbvtUL3ZhmW7J9md43BdYE0qwmy68DuImMhfbKvjQThSpN/VcdIjXp9gsf6kQf986OZ48=

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame A9FA 86 B
559 B 1028ms
388ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=055412cfcf384058808ab07f1c1e5023
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame A9FA 149 B
224 B 14ms
14ms Script
application/javascript 18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1620014171184&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 139F 3 KB
3 KB 19ms
19ms Document
text/html 18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 722a19cca834da092710eecd4183834bd6206f9a2f9b3ec4d915a843028e90d1

Request headers

:method: GET
:authority: ih.adscale.de
:scheme: https
:path: /map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.adscale.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uu=055412cfcf384058808ab07f1c1e5023; cct=1620014171131
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.adscale.de/

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2792
set-cookie: tu=4#3462571610#48~~450003~450003~1#101~~450003~450003~1#38~~450003~450003~1#39~~450003~450003~1#40~~450003~450003~1#42~~450003~450003~1#108~~450003~450003~1#63~~450003~450003~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1620014171210; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None

GET
H/1.1 200
OK match.js Show response
js.adscale.de/ Frame 139F 4 KB
2 KB 19ms
19ms Script
application/javascript 104.111.237.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-88.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 00:56:54 GMT
Server: AmazonS3
x-amz-request-id: 0CJGEPQ2ZKSDZJTR
ETag: "b75124846aec28a28b7a3441813682d5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=300
Date: Mon, 03 May 2021 03:56:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1700
x-amz-id-2: rTeXxEVlmwvubu+6mFW79yFbR/gN1X2gq0lQgaMPHQj754I0ueECxgXGlb1NT3Jw/38xunNd2r8=

GET
H2

200

img
ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/ Frame 139F
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=055412cfcf384058808ab07f1c1e5023&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31ab3b0219b89%2F1620014171210%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=101&tpuid=BBID-01-02947281723574814-16277688

49 B
462 B

19ms
18ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=101&tpuid=BBID-01-02947281723574814-16277688
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Mon, 03 May 2021 03:56:12 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=101&tpuid=BBID-01-02947281723574814-16277688
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
46 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D27GFSL45N

Requested by

Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5710df69f1ed0e6fcb5b1b117d4c0bf98d90e4d57441cb3974068af6fc3fd26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46980
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:11 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 99ms
99ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 197ms
98ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 03:56:11 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 834ms
206ms Script
application/javascript 52.40.230.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.aha-music.com%2F&ref=
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.230.171 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-230-171.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 440243574e3bfd8a773c92a7ce2b19cd18f942b116eb253623d11bc887668307

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
server: nginx/1.18.0
content-length: 3334
content-type: application/javascript

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D27GFSL45N&gtm=2oe4l3&_p=1239810693&sr=1600x1200&ul=en-us&cid=2138946156.1620014171&_s=1&dl=https%3A%2F%2Fwww.aha-music.com%2F&dt=AHA%20Music%20-%20Song%20Finder%20for%20Browser%20%7C%20What%20song%20is%20this%3F%3F&sid=1620014171&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D27GFSL45N
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aha-music.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 99ms
99ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 03:56:12 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 03F5 42 B
64 B 28ms
14ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvF-jwb-FgUMI7xltdsWXuBje1HLlKF1voKvSzig8Ooer50b82Yi7EQv3UrXWEcc_ogRu11iFW5Cn_cKmH7DCao3tfekgWAxt64AVPU2H0&sig=Cg0ArKJSzDU2gqSR_U-jEAE&id=lidar2&mcvt=1000&p=646,0,647,1&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1831455630&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620014170675&dlt=0&rpt=40&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0064 38 KB
14 KB 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=105044
Expires: Tue, 04 May 2021 09:06:56 GMT
Date: Mon, 03 May 2021 03:56:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5C49 38 KB
14 KB 41ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=105044
Expires: Tue, 04 May 2021 09:06:56 GMT
Date: Mon, 03 May 2021 03:56:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
pixel.advertising.com/ups/55986/ Frame 03F5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YI90XAAAqRtpTQAC&_origin=0&gdpr=1&gdpr_consent=&_test=YI90XAAAqRtpTQAC

0
124 B

16ms
15ms

Image
text/plain

18.197.99.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55986/sync?uid=YI90XAAAqRtpTQAC&_origin=0&gdpr=1&gdpr_consent=&_test=YI90XAAAqRtpTQAC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.99.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620014172.221510,VS0,VE0
x-served-by: cache-hhn4046-HHN
x-cache: HIT
location: https://pixel.advertising.com/ups/55986/sync?uid=YI90XAAAqRtpTQAC&_origin=0&gdpr=1&gdpr_consent=&_test=YI90XAAAqRtpTQAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/ Frame 03F5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&_origin=1&gdpr=1&gdpr_consent=

0
234 B

3061ms
16ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&_origin=1&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:15 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/ Frame 03F5
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP801e8c37-abc3-11eb-b769-06bc59bb0262
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP801e8c37-abc3-11eb-b769-06bc59bb0262&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA4MDFlOGMzNy1hYmMzLTExZWItYjc2OS0wNmJjNTliYjAyNjI%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1&apid=UP82080cbb-abc3-11eb-ba37-02c2cb9988ce

0
1 KB

18ms
17ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1&apid=UP82080cbb-abc3-11eb-ba37-02c2cb9988ce

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:15 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEE8x0x-gjtrnPFKpLFYPrSY&google_cver=1&apid=UP82080cbb-abc3-11eb-ba37-02c2cb9988ce
date: Mon, 03 May 2021 03:56:15 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

img
sync.mathtag.com/sync/ Frame 03F5
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4a9d58ab1ef01ccb5fb1ff2858b5b682&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g099_6957907887796705968
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGE5ZDU4YWIxZWYwMWNjYjVmYjFmZjI4NThiNWI2ODI=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEM9xU6-jM_tRruGpS4Fl2J4&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=151d6354-3b2b-49af-ba2f-8433b24bcf2e
https://pr-bh.ybp.yahoo.com/sync/stickyads/4a9d58ab1ef01ccb5fb1ff2858b5b682&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-tpFTSOVE2oPQrSq88GQxPL9SD7MJyH6aiAn8Lmlu~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=5545279270872244402
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=4a9d58ab1ef01ccb5fb1ff2858b5b682&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g051_6957907887797081477
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NGE5ZDU4YWIxZWYwMWNjYjVmYjFmZjI4NThiNWI2ODI=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=NGE5ZDU4YWIxZWYwMWNjYjVmYjFmZjI4NThiNWI2ODI=&gdpr=0&gdpr_consent=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMsKqU8w_byES6pCmOc4kkk&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=bda644ec-55de-48a5-af09-ed9088c1d433
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D

0
0

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 1584ms
185ms Script
application/javascript 52.24.36.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.aha-music.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.36.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-36-224.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 3e35ce33f0bf35b7dc2569b494f27675b856043a57ecc024b11a0da5b1db3692

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 19:29:36 GMT
server: nginx/1.14.1
etag: W/"1619810976.0-5932-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Mon, 03 May 2021 15:56:13 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 572ms
191ms Script
application/javascript 52.33.73.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.aha-music.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.73.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-73-108.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: df151e22be1dd1d0b9c8e0748aafc86c9ad2b73a965fdb159040f517bbb6db9b

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 19:28:24 GMT
server: nginx/1.14.1
etag: W/"1619810904.0-25597-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Mon, 03 May 2021 15:56:12 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=33addb77-b222-4bc3-9986-23257a6b75db&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=33addb77-b222-4bc3-9986-23257a6b75db&adnxs_id=7523185923035086846

43 B
470 B

665ms
231ms

Image
image/gif

34.216.128.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=33addb77-b222-4bc3-9986-23257a6b75db&adnxs_id=7523185923035086846
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.128.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-128-100.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
cache-control: public, max-age=43200
server: nginx/1.16.1
content-type: image/gif
expires: Mon, 03 May 2021 15:56:12 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid: 875a34ee-4d6c-4a0d-9d2c-95f3fe914499
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=33addb77-b222-4bc3-9986-23257a6b75db&adnxs_id=7523185923035086846
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=33addb77-b222-4bc3-9986-23257a6b75db
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=33addb77-b222-4bc3-9986-23257a6b75db
https://ids.ad.gt/api/v1/t_match?tdid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&id=33addb77-b222-4bc3-9986-23257a6b75db

43 B
477 B

551ms
199ms

Image
image/gif

34.216.128.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&id=33addb77-b222-4bc3-9986-23257a6b75db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.128.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-128-100.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
cache-control: public, max-age=43200
server: nginx/1.16.1
content-type: image/gif
expires: Mon, 03 May 2021 15:56:12 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=151d6354-3b2b-49af-ba2f-8433b24bcf2e&id=33addb77-b222-4bc3-9986-23257a6b75db
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H/1.1 502
Bad Gateway UCookieSetPug
image2.pubmatic.com/AdServer/ 0
0 81ms
19ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D33addb77-b222-4bc3-9986-23257a6b75db
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=33addb77-b222-4bc3-9986-23257a6b75db
https://ids.ad.gt/api/v1/g_match?id=33addb77-b222-4bc3-9986-23257a6b75db&google_gid=CAESEGmij0xmMF1uRWmPfFxLFjI&google_cver=1&google_ula=450542624,0

43 B
479 B

620ms
201ms

Image
image/gif

34.216.128.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=33addb77-b222-4bc3-9986-23257a6b75db&google_gid=CAESEGmij0xmMF1uRWmPfFxLFjI&google_cver=1&google_ula=450542624,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.128.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-128-100.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
cache-control: public, max-age=43200
server: nginx/1.16.1
content-type: image/gif
expires: Mon, 03 May 2021 15:56:12 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=33addb77-b222-4bc3-9986-23257a6b75db&google_gid=CAESEGmij0xmMF1uRWmPfFxLFjI&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=33addb77-b222-4bc3-9986-23257a6b75db
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzNhZGRiNzctYjIyMi00YmMzLTk5ODYtMjMyNTdhNmI3NWRi

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzNhZGRiNzctYjIyMi00YmMzLTk5ODYtMjMyNTdhNmI3NWRi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzNhZGRiNzctYjIyMi00YmMzLTk5ODYtMjMyNTdhNmI3NWRi
date: Mon, 03 May 2021 03:56:12 GMT
server: nginx/1.16.1
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=33addb77-b222-4bc3-9986-23257a6b75db
https://ids.ad.gt/api/v1/ppnt_match?uid=ZwrrWNGBiZi4&ev=1&pid=562316&id=33addb77-b222-4bc3-9986-23257a6b75db

43 B
467 B

209ms
209ms

Image
image/gif

34.216.128.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=ZwrrWNGBiZi4&ev=1&pid=562316&id=33addb77-b222-4bc3-9986-23257a6b75db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.128.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-128-100.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
cache-control: public, max-age=43200
server: nginx/1.16.1
content-type: image/gif
expires: Mon, 03 May 2021 15:56:12 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=ZwrrWNGBiZi4&ev=1&pid=562316&id=33addb77-b222-4bc3-9986-23257a6b75db
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c488d4f5b-kx42z
expires: -1

GET
H/1.1 200
OK us
sync.go.sonobi.com/ 0
474 B 38ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=33addb77-b222-4bc3-9986-23257a6b75db&uid=[UID]

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:12 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=33addb77-b222-4bc3-9986-23257a6b75db&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D33addb77-b222-4bc3-9986-23257...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=33addb77-b222-4bc3-9986-23257a6b75db&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D33addb7...
https://ids.ad.gt/api/v1/adb_match?adb=63146526281464078622612015753529730534&id=33addb77-b222-4bc3-9986-23257a6b75db

43 B
479 B

198ms
198ms

Image
image/gif

34.216.128.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=63146526281464078622612015753529730534&id=33addb77-b222-4bc3-9986-23257a6b75db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.128.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-128-100.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
cache-control: public, max-age=43200
server: nginx/1.16.1
content-type: image/gif
expires: Mon, 03 May 2021 15:56:12 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v005-00afb0305.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TVioB3uAShg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ids.ad.gt/api/v1/adb_match?adb=63146526281464078622612015753529730534&id=33addb77-b222-4bc3-9986-23257a6b75db
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 139F
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=a2373cb4be0688dfb4f4f3b74...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YI90Wh8GCBehdDZLsvjnwQAA%261146&gdpr=0

49 B
547 B

37ms
37ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YI90Wh8GCBehdDZLsvjnwQAA%261146&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YI90Wh8GCBehdDZLsvjnwQAA%261146&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 310
Expires: Mon, 03 May 2021 03:56:13 GMT

GET
H/1.1 200
OK / Show response
hb.brainlyads.com/json-parts/4231/ Frame 4B88 2 KB
1 KB 547ms
99ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/json-parts/4231/?ver=1.0&pageId=1825894901&sizes=[[728,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.aha-music.com/%22],[%22referrer%22,%22%22]]
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: f93ee9a3f0bc918b7e0ae57f6b5753477e092633eaaaf85b7c41c3d419c68b31

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:12 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"924-XbzaSSwWeRUftjvzaxDeKzNji5U"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK / Show response
hb.brainlyads.com/json-parts/4228/ Frame AC00 2 KB
1 KB 643ms
99ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.brainlyads.com/json-parts/4228/?ver=1.0&pageId=1825894901&sizes=[[970,250],[728,90],[728,250],[970,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.aha-music.com/%22]]
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-158-212.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: b1b2c52d0bbaed0d780ca8855b7d8dfef4632d91e1eeb3bded23f9eee3f97435

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:12 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"949-Tzh+J3/Js539uD++sEJDsOcSSl8"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 1573ms
183ms Script
text/plain 50.112.180.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=70cdd212ce89c3f093b259db63823dfe&url=https%3A%2F%2Fwww.aha-music.com%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.180.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 May 2021 03:56:14 GMT
server: nginx/1.14.1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: kJJMPUn0POEJvDWZ8GSIThHK2E8iWbl8jdj0ZyVkN4dRX/CsQJEa5TpxyueHgBHcgImSzlrHtquSgCgsngg38Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 03 May 2021 03:56:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
890 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1050
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Mon, 03 May 2021 04:38:42 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1197
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 03 May 2021 04:36:15 GMT

GET
H3-29 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 258 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd85740788924ed9efc484d807b0059db1aa8cec979b7acbf92b35329056db6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76107
x-xss-protection: 0
pragma: public
x-fb-debug: wsrL6zTjoBEa5R+tbIQLtJ1+/z32nyTvCdpYV2dOAjgs/TOxf5MUnLoF06DN0hxWft8hLnbTF9y0ImC8D8Kk+w==
date: Mon, 03 May 2021 03:56:12 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.aha-music.com%2F&rl=&if=false&ts=1620014172842&cd[partner_id]=251&cd[tagger_id]=70cdd212ce89c3f093b259db63823dfe&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620014172841.39959802&it=1620014172802&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 03 May 2021 03:56:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5F14 61 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04270931118898ee0c5a4c5dd3a5e2c5a383b45d6a41f385998fd62021403451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "860 / 465 of 1000 / last-modified: 1619820675"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21179
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:12 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E1F 19 B
873 B 20ms
20ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: b0423d9c-8cfe-4184-88dd-761ea235360f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E1F 19 B
872 B 35ms
15ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: ad38a196-1dd1-4b4e-ac65-04beafdcc282
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 0E1F 65 B
629 B 550ms
100ms XHR
application/json 52.4.152.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bL3J6uJbar64kIaKjGFx_2
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 010dcefa74883f48ca1a2590c7efea87ef8b78e2efe19191550852332d13a27c

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.aha-music.com
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/226647/0/ Frame 0E1F 0
173 B 138ms
14ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/226647/0/mvo?z=1r&hbv=3.22,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 0E1F 15 B
369 B 120ms
9ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.aha-music.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 0E1F 25 B
459 B 1080ms
28ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=540475&v=7.2&r=%7B%22id%22%3A%221122ef059a3c8e7%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221279c0c4ae71e95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22540475%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.aha-music.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215448%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a337bcb394c0baacce92af8b5a7fd06fdf88e12d89feae545e3565dcd1c2eb67

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:13 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45
Expires: Mon, 03 May 2021 03:56:13 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 0E1F 173 B
418 B 21ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.aha-music.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=83c21aaf-2931-48ea-ba4d-8f70d9952a77&nocache=1620014172857&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1&schain=1.0%2C1!nextmillennium.io%2C15448%2C1%2C%2C%2C&aus=728x90&divIds=1-24e6-%252F90814396%252FAha-music_header_HB&auid=543977987
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: e1ae563ee20e2bfe5aedf736d8e3814982d73223a385024ccee369e8ca31f245

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.aha-music.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pubads_impl_2021042901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5F14 298 KB
105 KB 15ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107611
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:12 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B167 61 KB
21 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "860 / 779 of 1000 / last-modified: 1619820605"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21191
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:12 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 0E1F 15 B
369 B 25ms
8ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.aha-music.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E1F 19 B
873 B 15ms
15ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: c5fcf89b-82fd-414c-a310-1554af7cc677
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/226647/0/ Frame 0E1F 0
173 B 44ms
16ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/226647/0/mvo?z=1r&hbv=3.22,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E1F 19 B
872 B 15ms
15ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:12 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.42:80
AN-X-Request-Uuid: e24dcb97-eb17-49ca-9049-6a6c47b57eb3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 0E1F 25 B
459 B 1018ms
33ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=540475&v=7.2&r=%7B%22id%22%3A%2223f80b76b30ee42%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222424950d4619bde%22%2C%22ext%22%3A%7B%22siteID%22%3A%22540475%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.aha-music.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215448%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb4381e2dbb27a1489557090da9d86f0db38ab284fe0be6d5bd70c44b7b451b3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:13 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45
Expires: Mon, 03 May 2021 03:56:13 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 0E1F 65 B
635 B 452ms
101ms XHR
application/json 52.4.152.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bL3J6uJbar64kIaKjGFx_2
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 0e733f03e06604b971168a5137f636ca9b30e31bbeed5fff8221fdbc0f0f3b42

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.aha-music.com
access-control-allow-credentials: true

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 0E1F 173 B
356 B 20ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.aha-music.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=ea194beb-ecd8-4f6e-bdb7-bcbdff7eadad&nocache=1620014172953&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1&schain=1.0%2C1!nextmillennium.io%2C15448%2C1%2C%2C%2C&aus=970x250%2C728x90%2C728x250%2C970x90&divIds=1-71b6-%252F90814396%252FAha-music_intext_HB&auid=543977984
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: c6cdac8037cc4e231d93c7753917bb7bcf46449d89d1a05cf306a122066112c0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.aha-music.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 17ms
17ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014172955&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H3-29 200 pubads_impl_2021042701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B167 301 KB
106 KB 14ms
14ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108684
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:12 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 139F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=5f0464327a6aafe6824f4de...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=

49 B
359 B

18ms
17ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Mon, 03 May 2021 03:55:41 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 May 2021 03:55:40 GMT

GET
H2

200

img
ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/ Frame 139F
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=6e64dcb8c7552d83883b3fff3f9b6d40168154376fd02c861f82aac7632c5681&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba80f31a...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=6e64dcb8c7552d83883b3fff3f9b6d40168154376fd02c861f82aac7632c5681&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747ba8...
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=42&gdpr=0&tpuid=5924006585161571960

49 B
392 B

28ms
28ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=42&gdpr=0&tpuid=5924006585161571960
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:13 GMT
server: nginx
location: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?tpid=42&gdpr=0&tpuid=5924006585161571960
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 139F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=2b81220b-957b-440e-a837-5cc77f603144

49 B
361 B

19ms
19ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=2b81220b-957b-440e-a837-5cc77f603144
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=2b81220b-957b-440e-a837-5cc77f603144
cache-control: no-cache
date: Mon, 03 May 2021 03:56:12 GMT
server-processing-duration-in-ticks: 3742
content-type: text/html; charset=utf-8
content-length: 237
expires: Mon, 03 May 2021 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 139F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=6737b38577f78b0fb5ccd652...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=

49 B
474 B

20ms
20ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Mon, 03 May 2021 03:55:41 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 May 2021 03:55:40 GMT

GET
H2

200

img
ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/ Frame 139F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=3f76812dc55bc5eff5b22e3dc4ff766f83f20795dce5e41a597e152ab2fd9507&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F470...
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?uid=3f76812dc55bc5eff5b22e3dc4ff766f83f20795dce5e41a597e152ab2fd9507&tpid=38&gdpr=0&tpuid=CAESEPw9PV-yhTysAo2-uMU7hn4...

49 B
510 B

15ms
15ms

Image
image/gif

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?uid=3f76812dc55bc5eff5b22e3dc4ff766f83f20795dce5e41a597e152ab2fd9507&tpid=38&gdpr=0&tpuid=CAESEPw9PV-yhTysAo2-uMU7hn4&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/img?uid=3f76812dc55bc5eff5b22e3dc4ff766f83f20795dce5e41a597e152ab2fd9507&tpid=38&gdpr=0&tpuid=CAESEPw9PV-yhTysAo2-uMU7hn4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 424
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/ Frame 139F
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=47d0945bcdfd7f08c008bbcedb0554082cc1812e779fa9686972635fc133f954&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=47d0945bcdfd7f08c008bbcedb0554082cc1812e779fa9686972635fc133f954&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F4703b25185b747...
https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/js?tpid=48&tpuid=f49301ff7ae0434e90197a381ecbc0c4

44 B
513 B

23ms
23ms

Script
text/javascript

18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/js?tpid=48&tpuid=f49301ff7ae0434e90197a381ecbc0c4
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 255682b89003de8f5e41c67d1d00e13907df02240220a328aceda2fa370678b4

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:13 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Location: https://ih.adscale.de/sium/4703b25185b747ba80f31ab3b0219b89/1620014171210/0/js?tpid=48&tpuid=f49301ff7ae0434e90197a381ecbc0c4
Date: Mon, 03 May 2021 03:56:13 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 147
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

OPTIONS
H/1.1 200
OK statistics
report.hb.brainlyads.com/ Frame 0
0 311ms
101ms Preflight 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.aha-music.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 03 May 2021 03:56:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics Show response
report.hb.brainlyads.com/ Frame 0E1F 0
232 B 110ms
110ms XHR
text/plain 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 May 2021 03:56:13 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

POST
H2 200 sium Show response
ih.adscale.de/ Frame 139F 0
190 B 21ms
21ms XHR
application/json 18.158.173.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.173.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Mon, 03 May 2021 03:56:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5F14 107 B
165 B 14ms
13ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.aha-music.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5F14 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aha-music.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 5F14 448 B
0 345ms
345ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1088747615304597&correlator=654092215909718&output=ldjh&impl=fifs&eid=31060950&vrg=2021042901&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210503&iu_parts=90814396%2CAha-music_header_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=refresh%3D0%26url%3Dhttps%253A%252F%252Fwww.aha-music.com%252F&eri=1&cookie_enabled=1&cdm=www.aha-music.com&bc=31&abxe=1&lmt=1620014173&dt=1620014173952&dlt=1620014172297&idt=621&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1814442017&ucis=artpg9mmnze4&ifi=1&ifk=3347961100&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.aha-music.com%2F&top=https%3A%2F%2Fwww.aha-music.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2138946156.1620014171&ga_sid=1620014174&ga_hid=80567871&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.aha-music.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
45aeb35e78d1838e6a2d6ac2e73b5233.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F14 0
0 59ms
13ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://45aeb35e78d1838e6a2d6ac2e73b5233.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F14 0
0 6ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042901.js?31060950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame B167 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.aha-music.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B167 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aha-music.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B167 71 KB
12 KB 482ms
481ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1327993512822321&correlator=4215484786925206&output=ldjh&impl=fifs&eid=31060784%2C31060790%2C31060841%2C31060398%2C31060683%2C31060839&vrg=2021042701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210503&iu_parts=90814396%2CAha-music_intext_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C728x250%7C970x90&prev_scp=refresh%3D0%26url%3Dhttps%253A%252F%252Fwww.aha-music.com%252F&eri=1&cookie_enabled=1&cdm=www.aha-music.com&bc=31&abxe=1&lmt=1620014173&dt=1620014173986&dlt=1620014172302&idt=727&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=316943723&ucis=58ipt8fg25hd&ifi=1&ifk=3347961100&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.aha-music.com%2F&top=https%3A%2F%2Fwww.aha-music.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2138946156.1620014171&ga_sid=1620014174&ga_hid=1816903549&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

77cb318ebdb050a24303d2ede571dff77c78cd1da75483e7aee8b8f015a6fc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12491
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.aha-music.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0a64875f7344906fd808afdb8aae3a1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B167 0
0 28ms
13ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0a64875f7344906fd808afdb8aae3a1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame B167 0
0 6ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 200
OK statistics Show response
report.hb.brainlyads.com/ Frame 0E1F 0
232 B 102ms
102ms XHR
text/plain 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 May 2021 03:56:14 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

OPTIONS
H/1.1 200
OK statistics
report.hb.brainlyads.com/ Frame 0
0 102ms
101ms Preflight 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.aha-music.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 03 May 2021 03:56:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 99ms
98ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 03:56:14 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fwww.aha-music.com%2F&rl=&if=false&ts=1620014174344&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AHA%20Music%20-%2...
https://cx.atdmt.com/?c=6440010347292210746&f=AYyqnilz9XcOPEGTpmgx1jYYfbd1AJGZE1Uo4Zgd51RoBWU0PmdRhB69eb9AuoEYFs6lJTiEWnVKDh9Z024cHMBs&id=1853083501571805&l=3&v=0

43 B
823 B

41ms
26ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=6440010347292210746&f=AYyqnilz9XcOPEGTpmgx1jYYfbd1AJGZE1Uo4Zgd51RoBWU0PmdRhB69eb9AuoEYFs6lJTiEWnVKDh9Z024cHMBs&id=1853083501571805&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: 2Snbv8A9sFk/7hMC+baRi0CtTB7vcM42Y1HMobln09ltzqU1rRtWXyxncq97KA0XE2sTYs04W2uNbwggjGdCFw==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 02 May 2021 20:56:14 PDT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sun, 02 May 2021 20:56:14 PDT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=6440010347292210746&f=AYyqnilz9XcOPEGTpmgx1jYYfbd1AJGZE1Uo4Zgd51RoBWU0PmdRhB69eb9AuoEYFs6lJTiEWnVKDh9Z024cHMBs&id=1853083501571805&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022103020108001/ Frame 5A3E 190 KB
55 KB 33ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 480630
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55149
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:25:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "28692e13adbc87cf"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:25:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 5A3E 12 KB
5 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 156161
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Sat, 01 May 2021 08:33:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 08:33:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 5A3E 87 KB
27 KB 43ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 156162
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Sat, 01 May 2021 08:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 08:33:32 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 5A3E 28 KB
9 KB 48ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/v0/amp-carousel-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f83f2a3dffee7fcc46e393644e7389107244666e150a2e44a20499b081bdf9b3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250876
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8870
x-xss-protection: 0
server: sffe
date: Fri, 30 Apr 2021 06:14:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4df94956c2d8336e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 06:14:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 5A3E 27 KB
9 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 506874
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 07:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 07:08:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 5A3E 40 KB
13 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 493261
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 10:55:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 10:55:13 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 5A3E 6 KB
2 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022103020108001/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32cc1b4c9c93a589c0d7daebf1fe9d005b634d718f3eb531b140efdd2a2489c3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 319564
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2357
x-xss-protection: 0
server: sffe
date: Thu, 29 Apr 2021 11:10:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "639ea526923d6448"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 11:10:10 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A3E 2 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 03:59:16 GMT
x-content-type-options: nosniff
server: cafe
age: 86218
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 May 2021 03:59:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A3E 295 B
319 B 9ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 05:03:57 GMT
x-content-type-options: nosniff
server: cafe
age: 82337
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 03 May 2021 05:03:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5A3E 0
0 17ms
12ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5BPzrOKXr9UHPAI3KTDxl-6SMvO2d84lEkMasYKa64d41r_rJbVfMtQWUG1N9O2-VLQFLZgbZfW7aINBxxKdRq6VjHg
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A3E 0
0 22ms
19ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbwLGXnSPYP2SAcSU9u8PgLWD-AqZtPG9YsjVrZK3Dd_kor3AARABIMS_zjhglfrwgYwHoAHX5e79AsgBCakCDkyD0ocqtD7gAgCoAwHIAwiqBNYBT9BS9s4J5gTS7ySbdd0B0L9_0bznXmza9OX3b_m2sDlVu02Z3w1YJ-8u8chDA8P0tVzZTOLJgnF0iWFtZBoXYnlLI_8Z32S84G5nHGWUd6ittmT2NtGMzX1BNTJZvbx4r05PfS7FEL8_mBoPtNU3twDXq9zQ4xazmOcGswwL7hqyMae37ZhtJmesUpZhfi9ssl11yZn4BEAXhEVhIZDtgimLyLtNle7altJLcMPdJss453kSRGFQtkuuYnZeRlMl9G-g9mUyRLcBG6pn0HzQ7fLOGBklCcAEhYflvsID4AQBkgUECAQYAZIFBAgFGASgBi6AB9egltYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJiLE9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODA3MTM3MzYxOTExMzM5M4AKA8gLAdgTAogUAbIXGgoYCAASFHB1Yi03MjY5MjM4NTAwNDk5Mjgw&sigh=GkDnkQ1I1R8&template_id=419
Requested by: Host: www.aha-music.com
URL: https://www.aha-music.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 jlr1.jpg
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 38 KB
38 KB 15ms
11ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/jlr1.jpg

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a323bcbcd52886051ce5a77149376576a445203c1e765e79043a8a7b559574e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39050
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 verlauf.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 6 KB
6 KB 14ms
10ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/verlauf.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a93e4d6aa2bff3aa5914d7f1160373bc7d5ee478476685a22aa804f936f986c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5813
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy0.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 3 KB
3 KB 13ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy0.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86c6b160c799ede3b8a011b725280e1b51d5e8802c30b268e71dcec561e2fb25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2922
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy1.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 5 KB
5 KB 25ms
21ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy1.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b71cd9b9c53e9703096bc07e7459e6a17452399394607cc2afd5f6b475bc4536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5033
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy3.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 5 KB
5 KB 24ms
20ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy3.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b30dc80070eb3ac5989ab59ccb58de02b471536b8f6c06c451bb2a234f5a84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4952
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy4.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 21 KB
21 KB 22ms
19ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy4.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3bfe9fd85fd830a172efa04144b22cabd5c424dd0aa4e0b7d8e6802f6626825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21718
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy5.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 11 KB
11 KB 21ms
17ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy5.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f774f25f843224d9c22169422ba75a78b3def0a790557b9d945305e9929c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11737
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 3 KB
3 KB 20ms
17ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/cta.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2e892559cfeea1420ec776b6af87c35d197ba4be60f9660f955e2f287c6cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3228
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 haendler.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 6 KB
6 KB 20ms
17ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/haendler.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd262ed22e1fdbb166e68b6c414561593d86b729d271ecbfa30cb1dd38528908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6050
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 8 KB
8 KB 20ms
16ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/logo.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a244f460325dabb61cf6f87964598e4f347d26030af9cb5469e157e32492207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8661
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 logo2.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 4 KB
4 KB 16ms
13ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/logo2.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5d0d6ea45c127cad3eff041b66d92363a003dbe9fc5bab785ed39d4f0154ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 rahmen.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 291 B
316 B 16ms
13ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/rahmen.png

Requested by

Host: www.aha-music.com
URL: https://www.aha-music.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ccc50cd9d7cc3470c8358050b719ffdd395be6e6cb2472fb73309bb8b5400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 99ms
98ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/92813181936975/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 03 May 2021 03:56:14 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
DATA 200
OK truncated
/ Frame 5A3E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 212dbb1355753cfd62f60e8a6b50780045507f1fe274d0da694a33cccaad9757

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B167 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0376ec5bbec638ffc84ab75ffb121113469ba413b738973f5fae2df01ff63bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7683
x-xss-protection: 0

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 68A5 2 KB
3 KB 29ms
29ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4d299b65cd96730b837263fbacbd2432b9f4f6888d121aa16851bd57ac0ebba8

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA; CMPS=5182; CMPRO=1146; CMST=YI90WmCPdF0A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|81|238|41|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1680
Expires: Mon, 03 May 2021 03:56:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 May 2021 03:56:14 GMT
Connection: keep-alive
Set-Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:14 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:14 GMT CMPRO=1146;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:14 GMT CMST=YI90WmCPdF4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 May 2021 03:56:14 GMT CMRUM3=e6608f745e27600&ee608f745e27600&27608f745e0b40&f1608f745e05a0&51608f745e05a0&2d608f745e05a0&29608f745e05a00&40608f745e05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:14 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame E569 8 KB
2 KB 60ms
27ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf8b7c774c8d0e5a2447231f1d8dd90521f8e6c54589c851c413118f03188b7

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-type: text/html
set-cookie: __cfduid=d1a08651284d402cc0ee4bea2bad330ae1620014174; expires=Wed, 02-Jun-21 03:56:14 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=b6dcff71-b4a3-4946-7009-eb43aa0596fa; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%D5n%01%BB%8C%06%96%1A%83p%E9%A5%DED%5D%13H%16%14r%FA%82%E0%C5%0B%93%06%9B%EC%8An%92i%D2l%A2%97+%95%B5%97%E1%DC6_L%0C%1F%AC%BBV%AD1%1A%B4%BAF_%A7%DE%BAS%7D%22qa%B2R%A1G%C6%3A%FA%3F%BF%DB%F0%E9%27%D50%A4%EDu4%89%F2%FA%22%B9%09g%C6%C4%97a%DA%3F%95%FA%3E%16%BD%08%CA%5D%CCE%F7%07%5C%CD+D%D0C%5B%18Ya%95%B7%E0%9CJ%23%B9%D5U6s%F7%A5%90%40%09%1E%BFv-jS%8D%0C%CD%1D%8B%24%88%25%3B%0C%04L%A1%1Bt%B7%F9%DF%12%86%FC%EA%94%84w%95; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09d1f7a94b00004eb090330000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64968eeed9bb4eb0-FRA
content-encoding: br

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B167 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 03 May 2021 03:56:14 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 47BD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 02 May 2021 22:30:28 GMT
expires: Mon, 02 May 2022 22:30:28 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19546
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 68A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKkS8lLdBk9UscF9mOmm8xs&google_cver=1

43 B
315 B

21ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKkS8lLdBk9UscF9mOmm8xs&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:14 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKkS8lLdBk9UscF9mOmm8xs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 68A5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t

43 B
433 B

203ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 68A5 70 B
264 B 32ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YI90Wh8GCBehdDZLsvjnwQAA&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 68A5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI90Wh8GCBehdDZLsvjnwQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1

43 B
1 KB

131ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 68A5
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Vmh3dVdsenZNYXkqVjtidVBqdndNbn1yWGywN1Da

43 B
1 KB

3070ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Vmh3dVdsenZNYXkqVjtidVBqdndNbn1yWGywN1Da
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Vmh3dVdsenZNYXkqVjtidVBqdndNbn1yWGywN1Da
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

451

396846.gif
idsync.rlcdn.com/ Frame 68A5
Redirect Chain

https://idsync.rlcdn.com/461886.gif?partner_uid=YI90Wh8GCBehdDZLsvjnwQAA%261146
https://idsync.rlcdn.com/1000.gif?memo=CL6YHBIpCiUIARDY9gEaHVlJOTBXaDhHQ0JlaGREWkxzdmpud1FBQSYxMTQ2EAAaDQjh6L2EBhIFCOgHEABCAEoA
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a9e67402-a477-0fa2-0d5d-184787164ac0

0
42 B

14ms
14ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a9e67402-a477-0fa2-0d5d-184787164ac0
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 03 May 2021 03:56:17 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a9e67402-a477-0fa2-0d5d-184787164ac0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 68A5 43 B
408 B 3066ms
14ms Image
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-2
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 68A5
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622606177

43 B
1 KB

112ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622606177
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622606177
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 um
u-ams02.e-planning.net/ Frame 68A5 42 B
103 B 18ms
17ms Image
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=7082973f7bb48dba&uid=YI90Wh8GCBehdDZLsvjnwQAA%261146
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7082973f7bb48dba%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
server: openresty
content-type: image/gif

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame E569 0
0 14ms
13ms Image
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d...
https://mwzeom.zeotap.com/mw?google_gid=CAESEC44D60vXrj7wOV5c9-Odds&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d...

95 B
295 B

30ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEC44D60vXrj7wOV5c9-Odds&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968eef7a9a4eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7a9ab00004eb0b6b47000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEC44D60vXrj7wOV5c9-Odds&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=78838e74-9b55-43a2-9963-e7bd60d74cb8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41...

95 B
408 B

33ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=78838e74-9b55-43a2-9963-e7bd60d74cb8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968f02acef4eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7b5a400004eb0d5a48000000001

Redirect headers

date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=78838e74-9b55-43a2-9963-e7bd60d74cb8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame E569 0
331 B 7237ms
35ms Image
text/plain 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D4...
https://mwzeom.zeotap.com/mw?cid=bda644ec-55de-48a5-af09-ed9088c1d433&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41...

95 B
179 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=bda644ec-55de-48a5-af09-ed9088c1d433&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968eef8ab14eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7a9b600004eb07e158000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=bda644ec-55de-48a5-af09-ed9088c1d433&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame E569 0
161 B 7198ms
27ms Image
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Mon, 03 May 2021 03:56:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1620014182.783604,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19123-FRA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_...
https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=g051_6957907887797081477&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}

95 B
323 B

29ms
28ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=g051_6957907887797081477&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968f1c49f24eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7c5b100004eb0a6af0000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=g051_6957907887797081477&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}
Pragma: no-cache
Date: Mon, 03 May 2021 03:56:21 GMT
Cache-Control: no-store
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H/1.1 200
OK UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E569 0
240 B 17ms
13ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:13 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=136...
https://mwzeom.zeotap.com/mw?cid=ed926a03-cb51-42da-a2ae-a19d58927192&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
179 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=ed926a03-cb51-42da-a2ae-a19d58927192&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef04bdb4eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7aa3100004eb0b9175000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=ed926a03-cb51-42da-a2ae-a19d58927192&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b6dcff71-b4a3-4946-7009-eb43aa0596fa&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://mwzeom.zeotap.com/mw?cid=63146526281464078622612015753529730534&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-...

95 B
179 B

29ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=63146526281464078622612015753529730534&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968eef8ab04eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7a9b600004eb0a4386000000001

Redirect headers

DCS: dcs-prod-irl1-1-v005-00aa7f350.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Q5pCA0ybQHM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=63146526281464078622612015753529730534&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame E569 0
324 B 7188ms
18ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:21 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=b6dcff71-b4a3-4946-7009-eb43aa0596fa&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021050305-84429-0.106064001620014176-47dc50a6d54045f493e9fcfb52ad5d0a&zdid=533&env=mWeb

95 B
202 B

33ms
33ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021050305-84429-0.106064001620014176-47dc50a6d54045f493e9fcfb52ad5d0a&zdid=533&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef7ee844eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7aef500004eb0e5160000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021050305-84429-0.106064001620014176-47dc50a6d54045f493e9fcfb52ad5d0a&zdid=533&env=mWeb
Date: Mon, 03 May 2021 03:56:16 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6957907896395102350&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-...

95 B
179 B

28ms
28ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6957907896395102350&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef12d284eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7aabb00004eb07e165000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6957907896395102350&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Date: Mon, 03 May 2021 03:56:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame E569
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=b6dcff71-b4a3-4946-7009-eb43aa0596fa
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b6dcff71-b4a3-4946-7009-eb43aa0596fa

95 B
427 B

19ms
19ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b6dcff71-b4a3-4946-7009-eb43aa0596fa

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=b6dcff71-b4a3-4946-7009-eb43aa0596fa
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b6dcff71-b4a3-4946-7009-eb43aa0596fa&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=b6dcff71-b4a3-4946-7009-eb43aa0596fa&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=0fmTRPoHkqwNBgRJF/hdL.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f...

95 B
179 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=0fmTRPoHkqwNBgRJF/hdL.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef66c5c4eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7adff00004eb0df0d9000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
last-modified: Mon, 03 May 2021 03:56:15 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=0fmTRPoHkqwNBgRJF/hdL.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame E569 36 B
378 B 289ms
11ms Image
image/gif 89.163.159.101
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=b6dcff71-b4a3-4946-7009-eb43aa0596fa&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.101 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b6dcff71-b4a3-4946-7009-eb43aa0596fa?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=b6dcff71-b4a3-4946-7009-eb43aa0596fa?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=45d6955b33e7146e22004a3e2c7378c8&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02...

95 B
307 B

27ms
27ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=45d6955b33e7146e22004a3e2c7378c8&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef22e814eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7ab5a00004eb0a935f000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=45d6955b33e7146e22004a3e2c7378c8&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
cache-control: no-cache
x-server: 10.45.22.206
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-G.i785tE2oqP4knPWPz3ptOYVGeawPrgeg--~A&zpartnerid=570&env=mWeb

95 B
179 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-G.i785tE2oqP4knPWPz3ptOYVGeawPrgeg--~A&zpartnerid=570&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef2ff7c4eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7abd900004eb0879b0000000001

Redirect headers

date: Mon, 03 May 2021 03:56:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-G.i785tE2oqP4knPWPz3ptOYVGeawPrgeg--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhlvqfcCoiH29oB0ni55nkdsh%2BS41iYitP1U%3D

95 B
179 B

34ms
34ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhlvqfcCoiH29oB0ni55nkdsh%2BS41iYitP1U%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef429654eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7ac9b00004eb0760a6000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=zhh2kUJAhlvqfcCoiH29oB0ni55nkdsh%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame E569 43 B
324 B 33ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E569 0
337 B 845ms
30ms Image
text/plain 54.170.10.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1620014176
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame E569 95 B
360 B 15ms
14ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:15 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YI90XwAAqTiNKQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a...

95 B
179 B

29ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YI90XwAAqTiNKQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&_test=YI90XwAAqTiNKQAC
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef52aaa4eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7ad3900004eb0ad22f000000001

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620014176.542094,VS0,VE0
x-served-by: cache-hhn4046-HHN
x-cache: HIT
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YI90XwAAqTiNKQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&_test=YI90XwAAqTiNKQAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=d147608f-745d-4900-9a98-2c16c7c6709f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4...

95 B
179 B

27ms
27ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=d147608f-745d-4900-9a98-2c16c7c6709f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968efc2c264eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7b19400004eb0b6bb5000000001

Redirect headers

Date: Mon, 03 May 2021 03:56:16 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=d147608f-745d-4900-9a98-2c16c7c6709f&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 03 May 2021 03:57:57 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E569
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d705...

0
336 B

30ms
30ms

Image
text/plain

54.170.10.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.10.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1620014176
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
date: Mon, 03 May 2021 03:56:16 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame E569
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-700...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-700...

43 B
433 B

31ms
30ms

Image
image/gif

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&dcc=t
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E569
Redirect Chain

https://tags.bluekai.com/site/87734?id=b6dcff71-b4a3-4946-7009-eb43aa0596fa&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734

95 B
414 B

30ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64968ef9d9234eb0-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d1f7b02500004eb08a99f000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date: Mon, 03 May 2021 03:56:16 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 3436
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame E569 0
38 B 1105ms
30ms Image
text/plain 54.74.77.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db6dcff71-b4a3-4946-7009-eb43aa0596fa%26reqId%3D427f9d4a-02b1-4f41-5d5e-f6a2d7055edc%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.77.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame E569 557 B
597 B 41ms
40ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62a4dbafadf8eef4ac15b30b5f0dba606196730c1a28cc57497cc9e9ec1fe4a8

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64968eef4a5e4eb0-FRA
date: Mon, 03 May 2021 03:56:14 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09d1f7a99200004eb08798f000000001

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame 47BD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 21:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 197113
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Sat, 30 Apr 2022 21:11:01 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame E569 0
0 23ms
23ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b6dcff71-b4a3-4946-7009-eb43aa0596fa&reqId=427f9d4a-02b1-4f41-5d5e-f6a2d7055edc&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=b6dcff71-b4a3-4946-7009-eb43aa0596fa; zsc=%D5n%01%BB%8C%06%96%1A%83p%E9%A5%DED%5D%13H%16%14r%FA%82%E0%C5%0B%93%06%9B%EC%8An%92i%D2l%A2%97+%95%B5%97%E1%DC6_L%0C%1F%AC%BBV%AD1%1A%B4%BAF_%A7%DE%BAS%7D%22qa%B2R%A1G%C6%3A%FA%3F%BF%DB%F0%E9%27%D50%A4%EDu4%89%F2%FA%22%B9%09g%C6%C4%97a%DA%3F%95%FA%3E%16%BD%08%CA%5D%CCE%F7%07%5C%CD+D%D0C%5B%18Ya%95%B7%E0%9CJ%23%B9%D5U6s%F7%A5%90%40%09%1E%BFv-jS%8D%0C%CD%1D%8B%24%88%25%3B%0C%04L%A1%1Bt%B7%F9%DF%12%86%FC%EA%94%84w%95
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Mon, 03 May 2021 03:56:14 GMT
set-cookie: __cfduid=d733d1e99657c2b9039191319048fe8c11620014174; expires=Wed, 02-Jun-21 03:56:14 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09d1f7a9bf00004eb07935e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64968eef9acb4eb0-FRA

GET
H3-29 200 jlr1.jpg
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 38 KB
38 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/jlr1.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a323bcbcd52886051ce5a77149376576a445203c1e765e79043a8a7b559574e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39050
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 verlauf.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 6 KB
6 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/verlauf.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a93e4d6aa2bff3aa5914d7f1160373bc7d5ee478476685a22aa804f936f986c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5813
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy0.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy0.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86c6b160c799ede3b8a011b725280e1b51d5e8802c30b268e71dcec561e2fb25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2922
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy1.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 5 KB
5 KB 8ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b71cd9b9c53e9703096bc07e7459e6a17452399394607cc2afd5f6b475bc4536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5033
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy3.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy3.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b30dc80070eb3ac5989ab59ccb58de02b471536b8f6c06c451bb2a234f5a84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4952
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy4.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 21 KB
21 KB 8ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy4.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3bfe9fd85fd830a172efa04144b22cabd5c424dd0aa4e0b7d8e6802f6626825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21718
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 copy5.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 11 KB
11 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/copy5.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f774f25f843224d9c22169422ba75a78b3def0a790557b9d945305e9929c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11737
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2e892559cfeea1420ec776b6af87c35d197ba4be60f9660f955e2f287c6cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3228
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 haendler.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 6 KB
6 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/haendler.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd262ed22e1fdbb166e68b6c414561593d86b729d271ecbfa30cb1dd38528908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6050
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a244f460325dabb61cf6f87964598e4f347d26030af9cb5469e157e32492207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8661
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 logo2.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/logo2.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5d0d6ea45c127cad3eff041b66d92363a003dbe9fc5bab785ed39d4f0154ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 200 rahmen.png
tpc.googlesyndication.com/sadbundle/15178660091502267494/ Frame 5A3E 291 B
316 B 9ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15178660091502267494/rahmen.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ccc50cd9d7cc3470c8358050b719ffdd395be6e6cb2472fb73309bb8b5400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:13:07 GMT
x-content-type-options: nosniff
age: 20587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 06:30:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:13:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B167 0
20 B 18ms
16ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042701&jk=1327993512822321&bg=!DQ6lDkrNAAZLnZBaS507ACkAdvg8WqSq4JUyIyco3me-oMQW9d54HViSyotwjqSRhPeT5ANlTLaCGAIAAABjUgAAAAxoAQcKAKtm2bUeSlMHH7y4ZLolKTpNYPloYlKBbZxbgMQvUpUqQTFrPXZ-p_lk8rLpIxi-WN9OZW6hOHVV07p0-zThgEy9Snfkdxd0fIpXaXT7GGfF42xRYjhQnxdXDSzsqn22Lg74Ii01We2MkuvA3N276lOzSJg8sshbRTOacksP7XV5KNFZgQ_m2FYnTkGL3Ih4v2QJECEFTkq-ooMaNmnBlS4sNESmlMp3WKxXeUCZApmUxKC5HnsGYuSXRTBGPgXhJ8CPlz6J0ta05CnJDWVx47Xii03rCzhSCUnlQZZH4kSfzI26urWQiMiF_mc4lutGulnbi4xkWm5_mHUfB1JWRkCBTyoBnvaTeBqsFl4zKyEsSwiIAfqJYpoyWpZk9y8UoIObLSyXoLlUVfbGDJ-d2-W2S6oun4rWGREcoEehO_5C_6y1hG2JzxqOzFhz55CtfTB2v0S-YFwxe6ptT_ryZxjYJqKEZ77E__MvrNGPLXGXCOh39ICe1P0NzW1wzdLhlUCkVvaBgoWUrmsFtZYmyxU-0x_CcTFppoazwVsz1I7y28eXJKdpzwTRl-y-Z3s8ltSs9zyoSPwYhtwFgt86NTj9iGWBzgo4PVy9UE_DhCVB5jdp96l-VD6s7JHYZuYSRGkafoJL3nz5OQWxdof8ls7wAWKgweDPK2I4sBtMUYp9xllNWEuZuK3OKxnuxxWJTnbVXsqaIsNQLyUeXihSSQOkAK9NEV91_KBOAzQWdMgEenx-bA_9u9WWVrqG1QHt3sH53ouvyNw_TUzOq-7yqCdQkM5anNsmOT6SD-4a8KhHA-27qRAwAyxh4OMzEq5WnVSF_ZmSj2ychXcR7HvyBej6EGnb2_1od-5IRk5yCtJ-v6WhDLKKEEz7Zmun2MmdfpN5Um4ifQznQ2qPk89sNtmEFNHJrtfF4YnQNPgdxWMpOuIiBUkif7OQYiZwpTTrPzdZO7R46Bw2wBrqTOMYGIc3-4pJi4ZNptvTYK2rvunmwnWH0D-6bmRuTebTdO4ivzijQITNh2xyo0dTLQeZuKYFXWH51wpvv8bVw8JGdOR7uXFC-ZbQMfoQP8EYMxZ6yPUB_eyOg5IHq983LiEmSMWqa9439ic-DA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D2B 30 KB
9 KB 19ms
19ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47499
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Mon, 03 May 2021 17:07:53 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0D2B 284 B
536 B 91ms
27ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5A3E 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnZzWzZLWXpkUTpnnym2Z6zuqMYvsDvznYg8pvR_wjy7D0NIaVc2Fi3F1fAhb5L9SPB1ifCVB0mmm2Qf-_V2ZxAIyc4UVG6B4G42sk7_I57dZ2-VPbOhhMBRBNBg&sai=AMfl-YStLfJt4yq3lzcyyb45kdH9WnogrVISPSJsz2lzWfN_i2E6UnLq9dcVF0dtYpoKGg_aA40relAtsg6rziTWpbn4YLbf_Qyv6GmrYm3xL4Re_ADrLoA2gChJNyw&sig=Cg0ArKJSzDPuuoezFtq-EAE&cid=CAASF-RoOD6KewVTghEg21OmJ0f1cgEUpY03&id=ampim&o=436,598&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=141&tls=1141&g=100&h=100&tt=1142&r=v&avms=ampa&adk=316943723

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 18ms
18ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014175952&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:15 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
12ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D27GFSL45N&gtm=2oe4l3&_p=1239810693&sr=1600x1200&ul=en-us&cid=2138946156.1620014171&_s=2&dl=https%3A%2F%2Fwww.aha-music.com%2F&dt=AHA%20Music%20-%20Song%20Finder%20for%20Browser%20%7C%20What%20song%20is%20this%3F%3F&sid=1620014171&sct=1&seg=0&en=scroll&_et=2&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D27GFSL45N
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aha-music.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame B316 2 KB
1 KB 77ms
24ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 03 May 2021 03:56:17 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame E33C 995 B
875 B 58ms
18ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5545279270872244402
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 03 May 2022 03:56:16 GMT
Date: Mon, 03 May 2021 03:56:16 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5905 995 B
875 B 58ms
19ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5545279270872244402
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 03 May 2022 03:56:16 GMT
Date: Mon, 03 May 2021 03:56:16 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DC3A 2 KB
818 B 10ms
9ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1620014172978

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1620014172978
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame BCFA 1007 B
855 B 19ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: dcbc6eacf5a74ccda53724fd84db3d61812dfac4d1d20cff2e71bd8da8f06bcc

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=2f8c343d-c0b7-0635-08f2-505cdaaa18e5|1620014172
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=2f8c343d-c0b7-0635-08f2-505cdaaa18e5|1620014172; Version=1; Expires=Tue, 03-May-2022 03:56:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620014176|mOgegqnskin0vNomiygu; Version=1; Expires=Tue, 18-May-2021 03:56:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.206.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 May 2021 03:56:16 GMT
content-type: text/html
content-length: 545
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 18DA 0
0 347ms
114ms Document
text/plain 208.100.17.175
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bL3J6uJbar64kIaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined&gdpr=1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.175 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip175.208-100-17.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bL3J6uJbar64kIaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

x-33x-status: 200000000000000002000208
server: 33XP001
date: Mon, 03 May 2021 03:56:17 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 725B 2 KB
1 KB 74ms
24ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.aha-music.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 03 May 2021 03:56:17 GMT
Connection: keep-alive

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame A0EE 1007 B
851 B 19ms
19ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: dcbc6eacf5a74ccda53724fd84db3d61812dfac4d1d20cff2e71bd8da8f06bcc

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=2f8c343d-c0b7-0635-08f2-505cdaaa18e5|1620014172
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=2f8c343d-c0b7-0635-08f2-505cdaaa18e5|1620014172; Version=1; Expires=Tue, 03-May-2022 03:56:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620014176|mOgegqnskin0vNomiygu; Version=1; Expires=Tue, 18-May-2021 03:56:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.206.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 May 2021 03:56:16 GMT
content-type: text/html
content-length: 545
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C7AB 2 KB
818 B 9ms
9ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1620014172978

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1620014172978
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aha-music.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aha-music.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 68e76d20-f99c-ab8b-63f3-8e4141dae651
pr-bh.ybp.yahoo.com/sync/openx/ Frame BCFA 43 B
715 B 34ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/68e76d20-f99c-ab8b-63f3-8e4141dae651?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame BCFA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5

43 B
106 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:16 GMT
Server: PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-0be8967e1153531ee@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BCFA
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7dc29d92-0f50-46de-acda-f6a387832a3d
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7dc29d92-0f50-46de-acda-f6a387832a3d
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=d017d882-9d82-4a68-9e1e-ae95c999ef38&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ab44c01f-ec58-4846-83cf-8c234d25a1f1

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=ab44c01f-ec58-4846-83cf-8c234d25a1f1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=ab44c01f-ec58-4846-83cf-8c234d25a1f1
date: Mon, 03 May 2021 03:56:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame BCFA
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcmowN0JIdWtBQUNzSVNRRk5pZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

31ms
31ms

Image
image/gif

52.49.40.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame BCFA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f

43 B
106 B

16ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 03 May 2021 03:55:45 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 May 2021 03:55:44 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BCFA
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame BCFA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960

43 B
106 B

18ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame BCFA 70 B
264 B 33ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=fc200b64-6930-39c2-5224-98b4be8d2b18&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame BCFA 170 B
188 B 18ms
17ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0ZmQ4YWUtYTA0Ny02NzY2LTQ3YzQtYzIwZDc0NmZlNTc4

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BCFA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 68e76d20-f99c-ab8b-63f3-8e4141dae651
pr-bh.ybp.yahoo.com/sync/openx/ Frame A0EE 43 B
88 B 35ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/68e76d20-f99c-ab8b-63f3-8e4141dae651?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A0EE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-02897015ee195686e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GIvVYcFQ1LDpGV5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame A0EE
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ab44c01f-ec58-4846-83cf-8c234d25a1f1&ssp=openx&gdpr=&gdpr_consent=

43 B
106 B

16ms
16ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ab44c01f-ec58-4846-83cf-8c234d25a1f1&ssp=openx&gdpr=&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ab44c01f-ec58-4846-83cf-8c234d25a1f1&ssp=openx&gdpr=&gdpr_consent=
date: Mon, 03 May 2021 03:56:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame A0EE
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFcmtFN0JIdWtBQUNzSVNRRk5pZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

28ms
28ms

Image
image/gif

52.49.40.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A0EE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f

43 B
106 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 03 May 2021 03:55:45 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d147608f-745d-4900-9a98-2c16c7c6709f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 May 2021 03:55:44 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A0EE
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl

43 B
106 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=6Q4RougKHKHyBx_96V0Eou8MEKDyCBul5wogp0zl
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A0EE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5924006585161571960
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A0EE 70 B
264 B 33ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=fc200b64-6930-39c2-5224-98b4be8d2b18&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame A0EE 170 B
188 B 17ms
16ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDA0ZmQ4YWUtYTA0Ny02NzY2LTQ3YzQtYzIwZDc0NmZlNTc4

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A0EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1

43 B
106 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVyY2Z6zJ5oAYm7ZjjnLo4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame E33C 0
750 B 14ms
14ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 69d7d782-47d0-47be-bd18-42816394f50a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 5905 0
750 B 27ms
15ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid: 92e6058b-8d08-45d1-9425-62c2a3fc2b00
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 906A 2 KB
3 KB 29ms
27ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0bfd0dff79ee8cf9ad3384e498edb5a9be959649128518c0cd57d0870c54f9ad

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA; CMPS=5182; CMPRO=1146; CMST=YI90WmCPdF4A; CMRUM3=e6608f745e27600&ee608f745e27600&27608f745e0b40&f1608f745e05a0&51608f745e05a0&2d608f745e05a0&29608f745e05a00&40608f745e05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|88|206|5|241|90|13
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1720
Expires: Mon, 03 May 2021 03:56:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Connection: keep-alive
Set-Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:17 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:17 GMT CMPRO=1146;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:17 GMT CMST=YI90WmCPdGEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 May 2021 03:56:17 GMT CMRUM3=40608f745e05a0&58608f746105a0&ce608f746105a00&29608f745e05a00&5a608f746105a0&2d608f745e05a0&51608f745e05a0&0d608f746105a0&f1608f746105a0&2e608f746105a0&05608f746105a0&27608f745e0b40&49608f746105a00&e6608f745e27600&ee608f745e27600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:17 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 2E8B 1 KB
3 KB 53ms
27ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e5add36cb347df039e2b0372cb9bec4173e38dff260c6475f70e12f69185b61

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA; CMPS=5182; CMPRO=1146; CMST=YI90WmCPdF4A; CMRUM3=e6608f745e27600&ee608f745e27600&27608f745e0b40&f1608f745e05a0&51608f745e05a0&2d608f745e05a0&29608f745e05a00&40608f745e05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|4|130|5|156|152|45
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1409
Expires: Mon, 03 May 2021 03:56:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Connection: keep-alive
Set-Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:17 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:17 GMT CMPRO=1146;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:17 GMT CMST=YI90WmCPdGEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 May 2021 03:56:17 GMT CMRUM3=2d608f746105a0&98608f746105a00&9c608f746105a00&51608f745e05a0&40608f745e05a0&29608f745e05a00&27608f745e0b40&e6608f745e27600&49608f746105a00&ee608f745e27600&2e608f746105a0&82608f7461a8c0&f1608f745e05a0&04608f746105a0&05608f746105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:17 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 906A 0
0 14ms
13ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 906A 43 B
193 B 36ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 906A 85 B
259 B 202ms
196ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1620014177.074748,VS0,VE190
x-served-by: cache-hhn4046-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H2

200

YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 906A
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

43 B
88 B

33ms
32ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 03 May 2021 03:56:17 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
Connection: keep-alive
Content-Length: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 906A 0
0 34ms
14ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 906A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t

43 B
433 B

153ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 906A
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=39C2288EF39B471880AC08E082429A8D&gdpr=1

43 B
1 KB

621ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=39C2288EF39B471880AC08E082429A8D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:17 GMT

Redirect headers

date: Mon, 03 May 2021 03:56:17 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=39C2288EF39B471880AC08E082429A8D&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 02 May 2021 03:56:17 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 906A
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=062f220402b4dcff72172ea0&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

25ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=062f220402b4dcff72172ea0&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:20 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=062f220402b4dcff72172ea0&expiration=[EXPIRATION]&gdpr=1
Date: Mon, 03 May 2021 03:56:20 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 906A 43 B
425 B 28ms
24ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YI90Wh8GCBehdDZLsvjnwQAA%261146
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:17 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3593
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 04:56:10 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 2E8B 0
0 17ms
14ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2E8B 43 B
88 B 34ms
31ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2E8B
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3842072525091506581

43 B
1 KB

640ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3842072525091506581
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:17 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3842072525091506581
pragma: no-cache
date: Mon, 03 May 2021 03:56:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 2E8B 43 B
430 B 38ms
31ms Image
image/gif 52.49.40.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 2E8B 0
0 15ms
12ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2E8B 35 B
380 B 4649ms
96ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 03 May 2021 03:56:00 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2E8B
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=44b0ad74-a602-4d94-83e0-2553da1dd05f

43 B
1 KB

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=44b0ad74-a602-4d94-83e0-2553da1dd05f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:21 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:21 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=44b0ad74-a602-4d94-83e0-2553da1dd05f
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2E8B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YI90Wh8GCBehdDZLsvjnwQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1

43 B
1 KB

106ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG9Fdaj7OIRWBwe2fCH6Ja0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2E8B 43 B
425 B 25ms
24ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YI90Wh8GCBehdDZLsvjnwQAA%261146
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.aha-music.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:17 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3593
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 04:56:10 GMT

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 03F5 0
1 KB 55ms
55ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 May 2021 03:56:18 GMT
X-SpotX-Timing-Transform: 0.000300
X-SpotX-Timing-SpotMarket: 0.035344
X-SpotX-Timing-Page-Mux: 0.000291
X-SpotX-Timing-Page-Require: 0.000373
X-fe: 002
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
X-SpotX-Timing-Page: 0.040080
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000331
Last-Modified: Mon, 03 May 2021 03:56:18 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.013795
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.aha-music.com
X-SpotX-Timing-Page-Misc: 0.003404
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.021549
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST openrtb
ads.adaptv.advertising.com/rtb/ Frame 03F5 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 03F5 0
61 B 16ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
date: Mon, 03 May 2021 03:56:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 03F5 0
0

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ Frame D257 38 KB
38 KB 46ms
15ms Script
application/json 65.9.84.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 02 May 2021 05:42:47 GMT
via: 1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 80012
etag: "2b2f816f40499d384e118ce88a266e02"
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age: 86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 38402
x-amz-cf-id: ToX6wHEQVdR08RkVEMwU7KE-CuNnrS9mowyJWoiE1J9G6GT5OXQEHQ==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BF05 636 B
577 B 17ms
17ms Document
text/html 5.178.65.252
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

server: openresty
date: Mon, 03 May 2021 03:56:18 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Sat, 02 May 2026 03:56:18 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 e-planning Show response
sync.quantumdex.io/usersync/ Frame FFF1 3 KB
1 KB 164ms
139ms Document
text/html 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/e-planning
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a2e1435734130e51b5a385dbabb5f01644a62377fe11471e160efc070b8d40

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/e-planning
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Mon, 03 May 2021 03:56:18 GMT
content-type: text/html
set-cookie: __cfduid=d3b414d18c7e61a9b1d1318f249efa8051620014178; expires=Wed, 02-Jun-21 03:56:18 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=a595e247-d69c-4a2e-8b35-a018b9627ae5; expires=Sun, 23 May 2021 03:56:18 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 09d1f7ba1b000097fc05b0f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SYpTkcGqAYQ8P4XR57QizbsSSTAwPWW%2B5Bbu8RoYPTuJuJBqPCH4iUXyt5jdUxgWT2OPYZU85Sy%2BXGymyqGDkjRptTvZgHYCI2o3byBh5hfkCWZzgtvbeEeyyEfobbo%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64968f09c87d97fc-FRA
content-encoding: br

GET
H/1.1 200
OK Cookie set csync Show response
sync.console.adtarget.com.tr/ Frame DEB8 86 B
543 B 387ms
387ms Document
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AKHFD1bpbbEG7YeS
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: vmuid=aed4ba2c45aeb3da; a322988=aed4ba2c45aeb3da
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: VertaMedia 1.0
Date: Mon, 03 May 2021 03:56:18 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=aed4ba2c45aeb3da; expires=Sun, 04 Jul 2021 03:56:18 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=AKHFD1bpbbEG7YeS; expires=Sun, 04 Jul 2021 03:56:18 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame BF05 0
367 B 1069ms
20ms Script
text/plain 51.158.29.13
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1620014178839

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-29-13.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:19 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FFF1 0
478 B 55ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FFF1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5545279270872244402

43 B
469 B

136ms
135ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5545279270872244402
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:19 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SIJ4ZqlCJ%2BljLKUnFheq9RmyLZvmAZaDispDKxDAb4XR8SKRZ0VzIIGGs2ETnBQP9D58MsMAlMVVVEkLAZWBJRLzxKQfD4QKw80Y%2B62sHSijRWcr42%2B0NoNRViYZ8Ws%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cf-ray: 64968f0ac8b097fc-FRA
content-length: 43
cf-request-id: 09d1f7babe000097fc1ca97000000001

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:18 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid: cb069fa8-fdc6-4a60-8c3a-9297492fe72d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5545279270872244402
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FFF1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5545279270872244402

43 B
324 B

133ms
132ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5545279270872244402
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:19 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BRRdH9SIOK73CjhusvDqvoU5u8m01r4oG7fu0aucrJZcfY%2BWlITv2wuYaEmYMO2eRuvdnqcH4okJOdz0Q0zjDywVuP6lYbvac5FYccMpiIXS%2BbZpzJT8Qo1HRL6apK4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cf-ray: 64968f0ad8bd97fc-FRA
content-length: 43
cf-request-id: 09d1f7baca000097fc0d0f0000000001

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: 458d8161-7d2c-4ecf-af88-7b1424123f9f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5545279270872244402
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FFF1
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=d7997f9a-586a-527b-ab01-3e8fcb8e4aeb

43 B
456 B

132ms
131ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=d7997f9a-586a-527b-ab01-3e8fcb8e4aeb
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:20 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4n19vl%2BFCQEkhTcbhtYKGzrUq8CxtZPxegSxlnaCIR%2FJLdWNduZ4GNvGGyOFUcJUNJZ0NIKp3pqaUGHpb9eKxsgiyNQD2vz9%2BDxDG8Dd9goXZFYoGLY4Rw22fe0UwDc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cf-ray: 64968f118a0c97fc-FRA
content-length: 43
cf-request-id: 09d1f7bef3000097fc4026c000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=d7997f9a-586a-527b-ab01-3e8fcb8e4aeb
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FFF1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-yQGCHrVE2uH2O_fIpmuAs21GGYbylJ.69gj194s-~A

43 B
330 B

134ms
133ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-yQGCHrVE2uH2O_fIpmuAs21GGYbylJ.69gj194s-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:19 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5K1KUyAjzb7E3PxELKOQpi6a%2B2BritFz6xZZ9ghhAob%2BYD%2BLiDBp4HqCxdJGg%2F8B9VNVHVUUUQGS%2FnF73ZmX9cNcmiKVz7QXhhK%2FF6zJIXbToQfs1aao1li9wKE5U8E%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cf-ray: 64968f0ac8b697fc-FRA
content-length: 43
cf-request-id: 09d1f7bac0000097fc020c9000000001

Redirect headers

Date: Mon, 03 May 2021 03:56:18 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-yQGCHrVE2uH2O_fIpmuAs21GGYbylJ.69gj194s-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FFF1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5545279270872244402

43 B
328 B

248ms
246ms

Image
image/gif

2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5545279270872244402
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:19 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2lfDieCPKmCVvD6nuaJS%2B%2FHGM6QYmL%2BvmL%2B5OblsuKgdQcHt%2BQ0xI%2B11I6ixePp2ibhodKpDiQQgLqZiOoyoh1Mc30xda%2BaIH4vog8Kg2s7sHiDozn6TiSFHPcIj9z8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cf-ray: 64968f0af8cf97fc-FRA
content-length: 43
cf-request-id: 09d1f7badd000097fc11061000000001

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: 02fd7878-4086-4a9a-aa30-0e95ce3e6a77
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5545279270872244402
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 um
sync.e-planning.net/ Frame FFF1 42 B
103 B 16ms
14ms Image
image/gif 46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=a595e247-d69c-4a2e-8b35-a018b9627ae5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:18 GMT
server: openresty
content-type: image/gif

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame EC92 43 B
551 B 37ms
13ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YI90Z; path=/; domain=.go.sonobi.com

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 3216 2 KB
3 KB 37ms
37ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8046d43b428426b4f6ccccf0687ab1abbe215e9aa99e1d396e791ef8d0310a47

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA; CMPS=5182; CMPRO=1146; CMST=YI90WmCPdGEA; CMRUM3=27608f745e0b40&ee608f745e27600&49608f746105a00&e6608f745e27600&04608f746105a0&f1608f745e05a0&2e608f746105a0&82608f7461a8c0&05608f746105a0&2d608f74612760CAESEG9Fdaj7OIRWBwe2fCH6Ja0&98608f746105a00&51608f745e05a0&9c608f746105a00&40608f745e05a0&29608f745e05a00
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 88|206|3|65|47|241|5|188
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1656
Expires: Mon, 03 May 2021 03:56:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
Connection: keep-alive
Set-Cookie: CMID=YI90Wh8GCBehdDZLsvjnwQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:19 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:19 GMT CMPRO=1146;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 01 Aug 2021 03:56:19 GMT CMST=YI90WmCPdGMA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 04 May 2021 03:56:19 GMT CMRUM3=2d608f74612760CAESEG9Fdaj7OIRWBwe2fCH6Ja0&98608f746105a00&ce608f746305a00&29608f745e05a00&58608f746305a0&40608f745e05a0&27608f745e0b40&05608f746305a0&04608f746105a0&bc608f746305a00&51608f745e05a0&9c608f746105a00&03608f746305a0&2f608f746305a0&41608f746305a0&ee608f745e27600&e6608f745e27600&49608f746105a00&f1608f746305a0&2e608f746105a0&82608f7461a8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 May 2022 03:56:19 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1BC6 2 KB
818 B 9ms
9ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 d
ic.tynt.com/r/ Frame 5336 0
0 113ms
113ms Document
text/plain 67.202.110.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ic.tynt.com
:scheme: https
:path: /r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

server: nginx/1.16.1
date: Mon, 03 May 2021 03:56:19 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 3216 85 B
169 B 98ms
94ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1620014179.039742,VS0,VE89
x-served-by: cache-hhn4046-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H2

200

YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3216
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

43 B
193 B

33ms
33ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 03 May 2021 03:56:19 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3216
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=1&gdpr_consent=

43 B
1 KB

1087ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:20 GMT

Redirect headers

Date: Mon, 03 May 2021 03:55:47 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d147608f-745d-4900-9a98-2c16c7c6709f&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 May 2021 03:55:46 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 3216
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1620100579&gdpr=1

43 B
315 B

61ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1620100579&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:19 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1620100579&gdpr=1
pragma: no-cache
date: Mon, 03 May 2021 03:56:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3216
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=GIvVYcFQ1LDpGV5&gdpr=1

43 B
1 KB

1089ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=GIvVYcFQ1LDpGV5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 03:56:20 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:18 GMT
Server: PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-06d48491beb38f0d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=GIvVYcFQ1LDpGV5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3216
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t

43 B
433 B

101ms
101ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:19 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ix
ad4m.at/ad/sim/ Frame 3216 0
0 26ms
16ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 3216 0
88 B 396ms
98ms Image
text/plain 52.4.236.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.236.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 setuid
sync.quantumdex.io/ Frame 3216 43 B
431 B 146ms
144ms Image
image/gif 2606:4700:20::681a:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YI90Wh8GCBehdDZLsvjnwQAABHoAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 03:56:19 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d1faDlHJluYCpZzMnCfBfI%2FSRnBVkrbKRXCRI81S487z7Xu2pU2bxQjum0hNltVJhEZZJisyzjcEbyLbqWJOIJubFBSIbJBaRzSqiuaUwBikfwbSsMGcpmQYEScXyME%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cf-ray: 64968f0af8ce97fc-FRA
content-length: 43
cf-request-id: 09d1f7badd000097fc29128000000001

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 18ms
18ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014180886&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:20 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 17ms
17ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014180952&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:20 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 03F5 0
61 B 61ms
60ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
date: Mon, 03 May 2021 03:56:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content 171621 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 03F5 0
1 KB 35ms
34ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/171621
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 May 2021 03:56:21 GMT
X-SpotX-Timing-Transform: 0.000282
X-SpotX-Timing-SpotMarket: 0.015375
X-SpotX-Timing-Page-Mux: 0.000276
X-SpotX-Timing-Page-Require: 0.000316
X-fe: 052
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
X-SpotX-Timing-Page: 0.019340
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000276
Last-Modified: Mon, 03 May 2021 03:56:21 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.012736
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.aha-music.com
X-SpotX-Timing-Page-Misc: 0.002778
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.002639
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 03F5 0
218 B 24ms
24ms XHR
application/json 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-45-128.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 03F5 67 B
722 B 61ms
44ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1620014181229&pKey=84277697&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.aha-music.com%2F&playerSize=400x225&schain=1.0,1!primis.tech,20535,1,,,
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 03:56:21 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.aha-music.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1620014180543087-378
Expires: Mon, 03 May 2021 03:56:21 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 03F5 0
61 B 16ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
date: Mon, 03 May 2021 03:56:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 18ms
18ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014181224&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:20 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 liveView.php
live.sekindo.com/live/ 43 B
298 B 22ms
22ms Image
image/gif 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1620014170&vid_playerVer=3.1.0&s=58057&sta=14427460&x=400&y=225&msta=11267578&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014181225&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:21 GMT
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 03F5 0
61 B 59ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.aha-music.com
date: Mon, 03 May 2021 03:56:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 2 KB
3 KB 55ms
14ms XHR
application/vnd.apple.mpegurl 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/chunklist_480.m3u8
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: d06f12083c614b7db1a3f23f4944ea896c758183250ff3123c451667bef9df47

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:34:52 GMT
Server: Tengine
ETag: "600e749c-9b9"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 2489
X-Proxy-Cache: HIT

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 18ms
17ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014181357&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:20 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_480_00000.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 390 KB
391 KB 22ms
22ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00000.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: b612eda429717bfb978e8c693ef371a3174c0614d172c8500a99b2508bae9b4a

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:32:55 GMT
Server: Tengine
ETag: "600e7427-6188c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 399500
X-Proxy-Cache: HIT

GET
BLOB 200
OK 685d0534-eff6-4b98-aaee-bdacfc8bf7e0
https://www.aha-music.com/ 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.aha-music.com/685d0534-eff6-4b98-aaee-bdacfc8bf7e0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 66258
Content-Type: text/javascript

GET
H/1.1 200
OK w_480_00001.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 307 KB
307 KB 15ms
15ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00001.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 70f0e227720c46257220e48a082d595535e60240fd454fcca6eeecca72344ea8

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:32:57 GMT
Server: Tengine
ETag: "600e7429-4cbe0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 314336
X-Proxy-Cache: HIT

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 17ms
17ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1620014170&vid_playerVer=3.1.0&s=0&sta=11267578&x=400&y=225&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=1294822&mediaPlayListId=4928&mediaListId=20665&contentMatchType=&isExcludeFromOpt=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014181515&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:20 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_480_00002.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 419 KB
420 KB 14ms
14ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00002.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: fbbb6eff756b10c440fff0f94026ec93fce17ef7e294de588195eaaf8cf3a450

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:32:59 GMT
Server: Tengine
ETag: "600e742b-68c94"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 429204
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00003.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 373 KB
373 KB 14ms
14ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00003.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 467739922e6fa965ceedf00208cb1a9a75457c69692da738f1a98e13eaf97fc3

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:33:00 GMT
Server: Tengine
ETag: "600e742c-5d384"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 381828
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00004.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 367 KB
367 KB 16ms
15ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00004.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 86e9af43025336951a2a15a8db163beb31eb77af81958e83cafacb9b731b56ee

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:33:02 GMT
Server: Tengine
ETag: "600e742e-5ba8c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 375436
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_480_00005.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 374 KB
374 KB 15ms
14ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00005.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: c813fa6e73e0c71ba76275c145ee1eb52952ba7cac64985d309cf49ed5ae819c

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:19 GMT
Last-Modified: Mon, 25 Jan 2021 07:33:04 GMT
Server: Tengine
ETag: "600e7430-5d730"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:19 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 382768
X-Proxy-Cache: HIT

GET
H2 200 liveView.php
live.sekindo.com/live/ 0
226 B 18ms
17ms Image
text/html 185.229.227.132
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1620014170&vid_playerVer=3.1.0&s=99303&sta=0&x=500&y=281&vid_passDomain=www.aha-music.com&subId=www.aha-music.com&debugInformation=ABT%20%2F%20AdBck%20%2F%201%20%2F%20default&isApp=0&userIpAddr=89.249.64.171&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=608f745ab3d80&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1620014185952&uid=SekindoSPlayer608f745ac1cde&pubUrl=https%3A%2F%2Fwww.aha-music.com%2F&floatStatus=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.229.227.132 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:25 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame D257 368 B
881 B 301ms
105ms XHR
text/plain 34.192.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=89.249.64.171&p=M1353665098&artime=2021-05-03T03:56:26.702Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0bfe7da402bbbe311e9785ef3efa78fa975294fe9d903d878222e29bdab2a82d

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:26 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 264

GET
H2 200 rt=ifr Show response
bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame E034 1 KB
2 KB 42ms
42ms Document
text/html 34.251.130.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bbb3b2f42f6e3185f8c55e5dcb5e3f1a49a51eabc5cc10bab9429d14dcad7128

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_id=45d6955b33e7146e22004a3e2c7378c8; _cc_cc="ACZ4XmNQMDFNMbM0NU0yNk41NzQxSzUyMjAwSTRONUo2Nza3SLZgAIKE%2FpJ4EA0FADl1Cec%3D"; _cc_aud="ABR4XmNgYGBI6C%2BJB1JQAAAWGgHD"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Mon, 03 May 2021 03:56:26 GMT
content-type: text/html;charset=UTF-8
content-length: 1144
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.80
set-cookie: _cc_id=45d6955b33e7146e22004a3e2c7378c8;Path=/;Domain=crwdcntrl.net;Expires=Fri, 28-Jan-2022 03:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQMDFNMbM0NU0yNk41NzQxSzUyMjAwSTRONUo2Nza3SLZgAIKE%2FpKsr%2F%2F%2F%2F%2BcHcSAAAJeaDfM%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 28-Jan-2022 03:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBI6C%2FJAlJQAAAWkwHO";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 28-Jan-2022 03:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E034 70 B
264 B 32ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame E034 62 B
304 B 156ms
155ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=83dc0f552270cc693e1c904f2e54cc42
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:26 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

tpid=YI90XwAAqTiNKQAC
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame E034
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YI90XwAAqTiNKQAC

49 B
238 B

34ms
33ms

Image
image/gif

34.251.130.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YI90XwAAqTiNKQAC
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:26 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.80
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620014187.760137,VS0,VE0
x-served-by: cache-hhn4046-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YI90XwAAqTiNKQAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E034
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=45d6955b33e7146e22004a3e2c7378c8&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=45d6955b33e7146e22004a3e2c7378c8&gdpr=1&gdpr_consent=
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/8/2.gif?puid=3842072525091506581&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=83dc0f552270cc693e1c904f2e54cc42&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK6...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDVkNjk1NWIzM2U3MTQ2ZTIyMDA0YTNlMmM3Mzc4Yzg&google_redir={xENCODEDURL}&id5id=ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDVkNjk1NWIzM2U3MTQ2ZTIyMDA0YTNlMmM3Mzc4Yzg&google_redir={xENCODEDURL}&id5id=ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:27 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDVkNjk1NWIzM2U3MTQ2ZTIyMDA0YTNlMmM3Mzc4Yzg&google_redir={xENCODEDURL}&id5id=ID5-ZHMOeWJJ9nI2hQBHavzkP0E2qK640yHNT5ix8-Yj5Q
cache-control: no-cache
x-server: 10.45.22.206
content-length: 0
expires: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame E034
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d147608f-745d-4900-9a98-2c16c7c6709f

49 B
238 B

33ms
32ms

Image
image/gif

34.251.130.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d147608f-745d-4900-9a98-2c16c7c6709f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:26 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.120
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Mon, 03 May 2021 03:55:55 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d147608f-745d-4900-9a98-2c16c7c6709f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 May 2021 03:55:54 GMT

GET
H2

200

tpid=78838e74-9b55-43a2-9963-e7bd60d74cb8
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame E034
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=45d6955b33e7146e22004a3e2c7378c8&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=78838e74-9b55-43a2-9963-e7bd60d74cb8

49 B
238 B

32ms
31ms

Image
image/gif

34.251.130.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=78838e74-9b55-43a2-9963-e7bd60d74cb8
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=818574621/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 03:56:26 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.82
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Mon, 03 May 2021 03:56:26 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=78838e74-9b55-43a2-9963-e7bd60d74cb8
alt-svc: clear
content-length: 0

GET
H/1.1

200

p
a.audrte.com/ Frame D257
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=5924006585161571960
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESELH5XmY5n170qfo1nueQVdw&google_cver=1
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=34bmLnTslQNTcCRZ7gRCF9-yw&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
1 KB

100ms
99ms

Image
image/avif

34.192.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:27 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/avif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 03 May 2021 03:56:27 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

p
a.audrte.com/ Frame D257
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent=&google_gid=CAESELH5XmY5n170qfo1nueQVdw&google_cver=1
https://a.audrte.com/p

68 B
618 B

100ms
99ms

Image
image/avif

34.192.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:27 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/avif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 03 May 2021 03:56:27 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ps.eyeota.net/ Frame D257 1 KB
1 KB 57ms
14ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:27 GMT
Content-Length: 1241
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK w_480_00006.ts Show response
video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/ 352 KB
352 KB 23ms
22ms XHR
video/mp2t 185.167.98.14
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn4/video/users/hls/29874/video_5ffd67c61a4a3816983584/vid600e6497d22db751474230.mp4/w_480_00006.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.98.14 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 620306477b658ae30e509a5cb81cecd827e50ffa873e87a159c87f727be2d58b

Request headers

Referer: https://www.aha-music.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 03:56:25 GMT
Last-Modified: Mon, 25 Jan 2021 07:33:05 GMT
Server: Tengine
ETag: "600e7431-57f10"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Mon, 10 May 2021 03:56:25 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 360208
X-Proxy-Cache: HIT

OPTIONS rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D

Domain: ads.adaptv.advertising.com
URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11961761&componentId=prebid&componentSubId=mustang&timestamp=1620014178162&pKey=83561869&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fwww.aha-music.com%2F&playerSize=400x225&schain=1.0,1!primis.tech,20535,1,,,

Domain: cloudflareinsights.com
URL: https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.aha-music.com/	1970-01-19 18:00:15	Name: __cf_bm Value: e2991c9a106dc1759e905e4cacbbf0bac93239ac-1620014170-1800-AeF+0hejQ0ngLMec/vigwpxNOXlck19qd7Iz4rWsr2lYnEHUc3HhCGp6nuFi9JnMiB0WN0iArIX+CYoTbASqlKDWPv/WHi+6of4R7XNU0GsEbjvzpdkJiecfvP/YH8nKR/j/e1r16hVK7VXjBbRC5tI=
			.aha-music.com/	1970-01-19 18:43:26	Name: __cfduid Value: def3afa59dcc8df9fa1c2f76fbe7f02da1620014168

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://hb.brainlyads.com/prebid.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	info	URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.aha-music.com/
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 95) Message: 200
console-api	log	URL: https://a.audrte.com/ptag?p=M1353665098(Line 127) Message: arResponse->{"pxcalls":"https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=\|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent=\|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=34bmLnTslQNTcCRZ7gRCF9-yw&gdpr=0&gdpr_consent="}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a64875f7344906fd808afdb8aae3a1a.safeframe.googlesyndication.com
1bac27cdc39f9d3861cff4484fb58267.safeframe.googlesyndication.com
45aeb35e78d1838e6a2d6ac2e73b5233.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ap.lijit.com
as-sec.casalemedia.com
aufp.io
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bmc-cdn.nyc3.digitaloceanspaces.com
bn01.er.bemail.it
bttrack.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.ampproject.org
cdn.buymeacoffee.com
cdn.jsdelivr.net
cdnjs.buymeacoffee.com
cloudflareinsights.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
cs.admanmedia.com
csync.loopme.me
cx.atdmt.com
d.turn.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hb.brainlyads.com
hbopenbid.pubmatic.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
ids.ad.gt
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
js.adscale.de
js.cookieless-data.com
live.sekindo.com
loadeu.exelator.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
powerad.ai
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
ps.eyeota.net
report.hb.brainlyads.com
reporting.powerad.ai
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.trafmag.com
tag.1rx.io
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
video.primis.tech
www.aha-music.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.adaptv.advertising.com
ads.stickyadstv.com
cloudflareinsights.com
sync.mathtag.com
104.111.230.142
104.111.237.88
104.117.200.100
142.250.185.98
142.250.186.98
151.1.205.165
151.101.114.49
151.101.13.44
154.57.158.51
159.253.128.183
162.243.189.2
162.55.3.20
168.119.146.39
178.162.133.149
178.250.2.151
18.158.173.146
18.184.216.10
18.197.99.6
18.198.69.109
18.211.226.152
185.167.98.14
185.183.112.155
185.184.8.30
185.229.227.132
185.29.135.234
185.33.220.241
185.33.221.90
185.64.189.112
185.64.189.115
185.64.190.80
185.94.180.124
185.94.180.126
188.42.191.196
192.132.33.46
193.200.65.5
198.148.27.140
2.18.232.130
2.18.233.180
2.18.233.201
2.18.234.21
2.18.234.233
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.100.17.175
212.82.100.182
213.19.147.42
213.19.147.44
216.52.2.48
23.20.158.212
23.45.99.241
2606:4700:10::ac43:db6
2606:4700:20::681a:24e
2606:4700:20::681a:b27
2606:4700:20::ac43:4a81
2606:4700:3035::ac43:c984
2606:4700::6810:5e41
2606:4700::6810:5f41
2606:4700::6810:a723
2606:4700::6810:ef3
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:802::2001
2a00:1450:4001:803::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c02::9b
2a00:f48:2000:1023::3
2a02:fa8:8806:12::1370
2a02:fa8:8806:13::1370
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
2a05:d018:24:b002:28a5:2c7e:9fea:57ab
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.121.49.210
3.123.45.128
3.126.56.137
3.215.247.12
34.192.206.153
34.216.128.100
34.231.105.138
34.251.130.56
34.98.67.61
35.157.48.14
35.201.81.244
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.2.238
37.157.6.245
46.249.52.248
46.249.52.249
5.178.65.252
50.112.180.98
51.158.29.13
51.38.120.206
51.89.21.31
52.0.135.151
52.24.36.224
52.29.225.117
52.31.176.223
52.33.73.108
52.4.152.106
52.4.236.19
52.40.230.171
52.49.40.147
52.58.45.227
52.86.150.190
52.94.232.32
52.95.124.170
54.170.10.95
54.234.151.247
54.74.77.155
62.149.0.72
62.209.227.211
63.251.232.170
65.9.84.114
65.9.86.127
66.155.71.149
66.155.71.25
67.202.110.33
69.173.144.138
76.223.111.131
85.114.159.93
88.214.206.142
89.163.159.101
010dcefa74883f48ca1a2590c7efea87ef8b78e2efe19191550852332d13a27c
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
0376ec5bbec638ffc84ab75ffb121113469ba413b738973f5fae2df01ff63bdc
04270931118898ee0c5a4c5dd3a5e2c5a383b45d6a41f385998fd62021403451
050e2b10197c5b3e627eb01a4f8639a3ef26d881a0502fa83e5f8d41e64b1d75
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
05b2fb81070dc918ce1521a6f176bb23e44d395b38bf5b3a8e85b520272cdc40
06b0f91f690a5ddc096187307c63af0de19dc9d61cc95ef686e283c843895bb9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
084063d1c007bb135bd9dac17880c5b6f32141440835e1d4824ecb962be9f7ac
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfd0dff79ee8cf9ad3384e498edb5a9be959649128518c0cd57d0870c54f9ad
0bfe7da402bbbe311e9785ef3efa78fa975294fe9d903d878222e29bdab2a82d
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e733f03e06604b971168a5137f636ca9b30e31bbeed5fff8221fdbc0f0f3b42
0fafb552a5b9db2173674985a5729d3deab8a986cf3c95b18858fbcb8af9d0cd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
185b932ec0174b3159d3abcbbaa8a952267f18b9112c368cd8bd9c298cb927e7
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1a1903a3907af4f6f77417b33bdc64e871a01e2fae867d5917d9cd9b2a10a9d7
1c5d9d6673cf880d4ed272a50fa5dff64739487720120d0252825ac87696ca86
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2054327b1f4678abefcf46666f6ab7d2fff992ee07e0e67aa9ee8d597c03657c
212dbb1355753cfd62f60e8a6b50780045507f1fe274d0da694a33cccaad9757
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
241e4e553d88785f2ce15f635f3a2f10ed8f6642a4da85e48d17964cbe388152
2522a9407560dfbfb46c6db5598b76a6aace3507e2912b71c785c2c9305a8e81
255682b89003de8f5e41c67d1d00e13907df02240220a328aceda2fa370678b4
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
32cc1b4c9c93a589c0d7daebf1fe9d005b634d718f3eb531b140efdd2a2489c3
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a244f460325dabb61cf6f87964598e4f347d26030af9cb5469e157e32492207
3a59c27495827e4143463e6e0f8d4e97188e9e29792cd34128f17e0dcb18af5d
3c80d3744eee400549417a0fd3a454e836fb8f1fd040a3e320a0228577d8d68f
3e35ce33f0bf35b7dc2569b494f27675b856043a57ecc024b11a0da5b1db3692
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f774f25f843224d9c22169422ba75a78b3def0a790557b9d945305e9929c6d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
440243574e3bfd8a773c92a7ce2b19cd18f942b116eb253623d11bc887668307
467739922e6fa965ceedf00208cb1a9a75457c69692da738f1a98e13eaf97fc3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b20ab167d41a539b322c9836e032ed9898fa58ebd39c6b762b49ca1c508b26
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a323bcbcd52886051ce5a77149376576a445203c1e765e79043a8a7b559574e
4b30dc80070eb3ac5989ab59ccb58de02b471536b8f6c06c451bb2a234f5a84f
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4d299b65cd96730b837263fbacbd2432b9f4f6888d121aa16851bd57ac0ebba8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5229c1b57bfd8d5294de4b9df14ec9bfe2538b51eea22ab2f35e808b32cdac38
52895609985ce111d4155d4874235999fde1587867d07ed2f1c6074c3aa87c7b
538ffb02a394cc2e9241b29eb65900685df30989a5d8df07fa4fb09ba782ad8e
545c416bf0b62932ab60d27ad6d495bd42b4e6a02e92f480c81dddda7f9838dc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ccc50cd9d7cc3470c8358050b719ffdd395be6e6cb2472fb73309bb8b5400b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5710df69f1ed0e6fcb5b1b117d4c0bf98d90e4d57441cb3974068af6fc3fd26a
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c2e892559cfeea1420ec776b6af87c35d197ba4be60f9660f955e2f287c6cf4
5da0885bb2c76cc8a1e731b51af8e74a7b04b3e7b166d94b5062b13eaac57263
6073d8576314e4d9ceb122954e2a5e5a85ad71301323ce6ccf4c8e5a837f162b
61c3b08e3e2fc6d96995d82e6090a92ceff78bf597f1180013caeed0cce99a61
620306477b658ae30e509a5cb81cecd827e50ffa873e87a159c87f727be2d58b
62a4dbafadf8eef4ac15b30b5f0dba606196730c1a28cc57497cc9e9ec1fe4a8
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
67b8e3fc7a54a958feacef9881fb6534de8ef10dd87b324b0084b20ebf6d99a2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6885f0f9e2471215c58c630a45a4c52d421166db93b2f9388a96e122c9176ee6
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70f0e227720c46257220e48a082d595535e60240fd454fcca6eeecca72344ea8
722a19cca834da092710eecd4183834bd6206f9a2f9b3ec4d915a843028e90d1
72f15ab47840516adf69592a1a3469656129af1352b9eac5f6d63cdc068bbc64
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
77cb318ebdb050a24303d2ede571dff77c78cd1da75483e7aee8b8f015a6fc0a
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8046d43b428426b4f6ccccf0687ab1abbe215e9aa99e1d396e791ef8d0310a47
823ce21e3164880b6c199d5f35f6de79c7fed73389beac691161f129ab86cd8d
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c6b160c799ede3b8a011b725280e1b51d5e8802c30b268e71dcec561e2fb25
86e9af43025336951a2a15a8db163beb31eb77af81958e83cafacb9b731b56ee
872bc0a14f0dfe009d247731a8d1bebac7769a2b159310bbf25be4e9e34366a8
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8900958167b73d73b80a207206affb2ffc041ecb053f57d0c814d359b00b0d4a
89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc50845649eef3ca755e444896a607b1dd75260a815da51be1f67d2c2b7ce2d
8dfe860a2ab24bbb47c49379451e12c69358ef8a10dc17e9592049ffa7403f1d
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e5add36cb347df039e2b0372cb9bec4173e38dff260c6475f70e12f69185b61
8f5d0d6ea45c127cad3eff041b66d92363a003dbe9fc5bab785ed39d4f0154ed
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
9034b8c6d9ba4394f00c1d9beef4311bfbc448a1ac8a8791c708325c229a8beb
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
937a4661479a0e4c4d8c22cc736cc9f893c427ecdc71b121da6e2f419a116088
98ce445d92327ec6e0d63247847bb336c5eaf704fcd039d03113140a9a353813
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a337bcb394c0baacce92af8b5a7fd06fdf88e12d89feae545e3565dcd1c2eb67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a93e4d6aa2bff3aa5914d7f1160373bc7d5ee478476685a22aa804f936f986c5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab4883df74435cbd0eb4d9ddfa492e7cc2a4be7ceff47fcefe82199aed9c4ed0
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0c128a4a4d72f46203d918df8c11774101cb838b5a1522449f5e0c52fcaa3c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b2c52d0bbaed0d780ca8855b7d8dfef4632d91e1eeb3bded23f9eee3f97435
b612eda429717bfb978e8c693ef371a3174c0614d172c8500a99b2508bae9b4a
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b71cd9b9c53e9703096bc07e7459e6a17452399394607cc2afd5f6b475bc4536
b8b0577a80201d05a5728fb39e193078ed6a48a7f2b23e0a2b44b011baa26d03
ba8319fda1e7ce329a90acf0efa643a5f0b4da10cd11a9ede9c1237221e818dd
bbb3b2f42f6e3185f8c55e5dcb5e3f1a49a51eabc5cc10bab9429d14dcad7128
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd85740788924ed9efc484d807b0059db1aa8cec979b7acbf92b35329056db6a
bf4b726e00f4ac727c109c26141024e8dcc5e17268d1f3f119a492f5c2f5748c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3bfe9fd85fd830a172efa04144b22cabd5c424dd0aa4e0b7d8e6802f6626825
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6cdac8037cc4e231d93c7753917bb7bcf46449d89d1a05cf306a122066112c0
c813fa6e73e0c71ba76275c145ee1eb52952ba7cac64985d309cf49ed5ae819c
c9e213ccbfe5a18fe34daa88cd1d5578b6324d511341ddf4e61097ed111658e1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd262ed22e1fdbb166e68b6c414561593d86b729d271ecbfa30cb1dd38528908
cdf8b7c774c8d0e5a2447231f1d8dd90521f8e6c54589c851c413118f03188b7
d06f12083c614b7db1a3f23f4944ea896c758183250ff3123c451667bef9df47
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d3488d0194cc5aa29056cd44d1564c46c629e5a335ae3baa073e2baf57865aea
d8c5f84a43b4e58ff6b38e976c430a3a4122554b1ab56c32f91ed69be1c4b2de
dcbc6eacf5a74ccda53724fd84db3d61812dfac4d1d20cff2e71bd8da8f06bcc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6338fdd554e89b0a8fcaaa5b4650c5f82445e7a8f1339c183d0b7f1c5e7cc3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df151e22be1dd1d0b9c8e0748aafc86c9ad2b73a965fdb159040f517bbb6db9b
df8b8eed2ce43f8c47485a39b1d4b3c2b1f2253c7c74584392583da180160072
e1ae563ee20e2bfe5aedf736d8e3814982d73223a385024ccee369e8ca31f245
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f6e033378d3cdd051b23ab96191f1280558a2f94bcb0da6079dcdea09a5612
e579bc20c9ff1d66993932671e73445eb4a8a81221603735e9d4b3d827e90059
e5a2e1435734130e51b5a385dbabb5f01644a62377fe11471e160efc070b8d40
e64ec30c702d258a68d5fa072661304c3c566db12e94e154679794f8b6e91d7b
ea269cc58b756729fe62648248d643f60fb4d5219d0ce0d41976737bf016eda4
eb1fd02189624a86c7963fdb274cc4c1ee58a9246cb2ab9117477d0d88e121ec
eb4381e2dbb27a1489557090da9d86f0db38ab284fe0be6d5bd70c44b7b451b3
eba4678fa0a351c47d18de41137b4a1e2aa94125f9e04e5e2540f9fa42492a3a
ec280066bf73144ca489e17349293da20108290ebfde1e1b8840e3435f53ad12
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4bf51176acbcf63305662fe622b75d1d2e16c37d3271c9f8ab16f1b72558b3
efb2d294de01c08e183611b3e4dc4b46ee34e387e621c15c8ba0947925c29abd
f3dbac07edc89651dc151dfad122d4491a447481a89d29788e961ffe2538ba52
f83f2a3dffee7fcc46e393644e7389107244666e150a2e44a20499b081bdf9b3
f93ee9a3f0bc918b7e0ae57f6b5753477e092633eaaaf85b7c41c3d419c68b31
fbbb6eff756b10c440fff0f94026ec93fce17ef7e294de588195eaaf8cf3a450
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc086cbe77639c3ddd5b1ab3d6d6073d868532e69d2e13d16184473fde25b2ef
fc59b47eb644a7b8cb715dccb44851074433aae55a65a7debc8013b4dda8db34

www.aha-music.com Open in urlscan Pro 2606:4700:3035::ac43:c984 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

417 Requests

98 %HTTPS

28 %IPv6

102 Domains

156 Subdomains

106 IPs

12 Countries

5648 kBTransfer

11175 kBSize

2 Cookies

6 Outgoing links

Redirected requests

417 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aha-music.com Open in urlscan Pro
2606:4700:3035::ac43:c984 Public Scan

Screenshot
Live screenshot

Full Image

417
Requests

98 %
HTTPS

28 %
IPv6

102
Domains

156
Subdomains

106
IPs

12
Countries

5648 kB
Transfer

11175 kB
Size

2
Cookies

417 HTTP transactions
2 data transactions