urlscan.io logo urlscan.io
SecurityTrails logo

bewab.co Open in urlscan Pro
2606:4700:20::681a:e3e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bewab.co/
Effective URL: https://bewab.co/
Submission: On August 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 16 countries across 118 domains to perform 573 HTTP transactions. The main IP is 2606:4700:20::681a:e3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is bewab.co.
TLS certificate: Issued by GTS CA 1P5 on July 13th 2023. Valid for: 3 months.
This is the only time bewab.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:238... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
7 69.16.175.10 20446 (STACKPATH...)
1 24 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 3.221.13.170 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
5 52.222.139.112 16509 (AMAZON-02)
1 2600:9000:225... ()
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 162.19.138.120 16276 (OVH)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 6 52.31.175.73 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
1 54.211.96.115 14618 (AMAZON-AES)
1 178.250.7.13 44788 (ASN-CRITE...)
14 2001:4860:480... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
2 64.233.166.156 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
10 35.244.159.8 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
15 19 142.250.186.34 15169 (GOOGLE)
2 11 185.80.39.216 27381 (CASALE-MEDIA)
11 14 185.89.211.84 29990 (ASN-APPNEX)
2 142.250.185.98 15169 (GOOGLE)
1 37.18.16.22 205675 (HYBRID-AS)
5 5 23.60.204.187 16625 (AKAMAI-AS)
12 104.79.89.214 16625 (AKAMAI-AS)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.194 15169 (GOOGLE)
8 142.250.185.66 15169 (GOOGLE)
2 69.173.144.139 26667 (RUBICONPR...)
9 161.35.253.218 14061 (DIGITALOC...)
1 2 35.158.0.70 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 35.71.131.137 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
7 137.184.242.150 14061 (DIGITALOC...)
3 34.107.148.139 396982 (GOOGLE-CL...)
3 185.86.138.123 201081 (SMARTADSE...)
3 216.52.2.30 32475 (SINGLEHOP...)
3 18.193.141.18 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
1 2a06:8640:454... 55081 (24SHELLS)
3 69.166.1.8 27630 (AS-XFERNET)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 209.205.197.154 55081 (24SHELLS)
1 209.205.201.34 55081 (24SHELLS)
1 5 193.3.178.3 399668 (E-PLANNING-)
2 98.98.134.242 21859 (ZEN-ECN)
2 8.2.110.24 46636 (NATCOWEB)
2 35.227.252.103 15169 (GOOGLE)
2 193.3.178.1 399668 (E-PLANNING-)
12 193.3.178.4 399668 (E-PLANNING-)
2 2 107.20.253.198 14618 (AMAZON-AES)
12 69.166.1.66 27630 (AS-XFERNET)
2 2 44.205.87.2 14618 (AMAZON-AES)
10 23.32.184.192 16625 (AKAMAI-AS)
3 172.64.148.101 13335 (CLOUDFLAR...)
2 205.234.175.175 30081 (CACHENETW...)
1 5 51.89.9.253 16276 (OVH)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
2 6 198.47.127.19 62713 (AS-PUBMATIC)
1 2 209.54.182.161 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
7 8 151.101.194.49 54113 (FASTLY)
5 6 37.157.6.233 198622 (ADFORM)
2 63.251.232.165 32475 (SINGLEHOP...)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2 37.157.5.132 198622 (ADFORM)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
1 2a05:d018:24:... 16509 (AMAZON-02)
2 5 52.49.6.152 16509 (AMAZON-02)
2 3 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.82 24961 (MYLOC-AS ...)
2 4 3.75.62.37 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 34.249.132.204 16509 (AMAZON-02)
1 162.55.233.29 24940 (HETZNER-AS)
1 1 54.85.70.234 14618 (AMAZON-AES)
2 8 52.94.223.37 16509 (AMAZON-02)
4 2.23.197.190 16625 (AKAMAI-AS)
2 2 52.48.19.12 16509 (AMAZON-02)
1 2 69.173.144.138 26667 (RUBICONPR...)
8 14 35.156.208.169 16509 (AMAZON-02)
2 54.195.201.40 16509 (AMAZON-02)
3 76.223.111.18 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
12 198.47.127.205 62713 (AS-PUBMATIC)
1 1 2620:116:800d... 16509 (AMAZON-02)
9 185.64.190.80 62713 (AS-PUBMATIC)
3 52.72.213.198 14618 (AMAZON-AES)
1 1 35.214.143.153 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
5 6 52.211.223.84 16509 (AMAZON-02)
1 1 185.86.138.151 201081 (SMARTADSE...)
5 7 208.93.169.131 46244 (WEBMD-IDC...)
2 2 193.0.160.130 54312 (ROCKETFUEL)
2 2 213.155.156.182 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 35.186.193.173 15169 (GOOGLE)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.186.154.107 396982 (GOOGLE-CL...)
1 1 141.94.161.158 16276 (OVH)
2 2 141.94.171.215 16276 (OVH)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.72.179.138 14618 (AMAZON-AES)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
1 1 35.157.245.159 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 98.98.134.243 21859 (ZEN-ECN)
2 21 34.247.233.198 16509 (AMAZON-02)
6 8 64.202.112.127 22075 (AS-OUTBRAIN)
2 2 52.45.96.25 14618 (AMAZON-AES)
2 169.197.150.8 398989 (DEEPINTENT)
2 34.253.249.200 16509 (AMAZON-02)
2 81.17.55.171 60781 (LEASEWEB-...)
2 2 202.241.208.54 4694 (IDCF IDC ...)
2 80.77.87.161 46636 (NATCOWEB)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
3 95.101.148.20 16625 (AKAMAI-AS)
1 2a01:4f8:262:... 24940 (HETZNER-AS)
1 12 23.227.139.243 55081 (24SHELLS)
1 23.227.151.226 55081 (24SHELLS)
2 2 37.157.4.29 198622 (ADFORM)
1 67.202.105.31 32748 (STEADFAST)
1 1 52.73.44.187 14618 (AMAZON-AES)
2 2 3.120.23.80 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 2 3.140.85.27 16509 (AMAZON-02)
3 2001:678:cb4:... 56396 (AMOBEE)
1 159.89.246.130 14061 (DIGITALOC...)
1 95.101.54.233 20940 (AKAMAI-ASN1)
2 2 3.122.33.96 16509 (AMAZON-02)
1 184.72.156.158 14618 (AMAZON-AES)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 1 35.210.239.72 19527 (GOOGLE-2)
2 198.47.127.20 3257 (GTT-BACKB...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.55.120.196 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.212 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
573 136
27    2606:4700:20::681a:e3e (United States)

ASN13335 (CLOUDFLARENET, US)
bewab.co
7    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
1    2600:9000:238d:a200:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:225e:9800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
8    2606:4700:20::681a:644 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
7    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
tg1.aniview.com
player.avplayer.com
play.aniview.com
24    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    3.221.13.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-13-170.compute-1.amazonaws.com
track1.aniview.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    52.222.139.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-112.ams50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:7800:a:e047:753:6381 (United States)

ASN- ()
cdn.prod.uidapi.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
6    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:26f0:480:7b5::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    2a00:1450:4001:829::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
24    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    54.211.96.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-96-115.compute-1.amazonaws.com
go1.aniview.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
14    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
34    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net
bid.g.doubleclick.net
14    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
pixfuture2-d.openx.net
us-u.openx.net
u.openx.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
4    2a00:1450:4001:1a::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5edndz.c.2mdn.net
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
22    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
19    142.250.186.34 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
11    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
14    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
1    37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)
dm.hybrid.ai
5    23.60.204.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-204-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    104.79.89.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-214.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    142.250.185.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
8    142.250.185.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ade.googlesyndication.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
9    161.35.253.218 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
2    35.158.0.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-0-70.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
7    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    185.86.138.123 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    18.193.141.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-141-18.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2a06:8640:454:0:e082:abff:fefe:d1d2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
3    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
1    209.205.201.34 (Piscataway, United States)

ASN55081 (24SHELLS, US)
PTR: static-34-201-205-209.24shells.net
ghb2.adtelligent.com
5    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel.sitescout.com
2    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
12    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
2    107.20.253.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-253-198.compute-1.amazonaws.com
ssp.disqus.com
12    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    44.205.87.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-87-2.compute-1.amazonaws.com
cookies.nextmillmedia.com
10    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
2    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
5    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
19    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
8    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
1    2a05:d018:24:b002:30d4:cd9b:2350:dbd6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
5    52.49.6.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-6-152.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
loada.exelator.com
1    151.1.205.165 (Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    34.249.132.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-132-204.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
1    54.85.70.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-70-234.compute-1.amazonaws.com
usermatch.krxd.net
8    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.48.19.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-19-12.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
14    35.156.208.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.195.201.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-201-40.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
12    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    52.72.213.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-213-198.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.214.143.153 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 153.143.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    52.211.223.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-223-84.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
7    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.94.161.158 (France)

ASN16276 (OVH, FR)
PTR: bixel-1.cloudy.ovh
green.erne.co
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.72.179.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-179-138.compute-1.amazonaws.com
a.audrte.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    2a05:d018:d29:3602:5341:747:cc9:c512 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.157.245.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-245-159.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
21    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
8    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
2    52.45.96.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-96-25.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    34.253.249.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-249-200.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    81.17.55.171 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
2    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    2a01:4f8:262:3e0c::2 (Wernigerode, Germany)

ASN24940 (HETZNER-AS, DE)
s.console.adtarget.com.tr
12    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
1    23.227.151.226 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
1    52.73.44.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-44-187.compute-1.amazonaws.com
nep.advangelists.com
2    3.120.23.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-23-80.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    3.140.85.27 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-85-27.us-east-2.compute.amazonaws.com
x.videobyte.com
3    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    95.101.54.233 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    3.122.33.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-33-96.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    184.72.156.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-156-158.compute-1.amazonaws.com
rtb.adentifi.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
72 googlesyndication.com
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 340
356 KB
61 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
bid.g.doubleclick.net — Cisco Umbrella Rank: 1014
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
531 KB
42 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
ads.pubmatic.com — Cisco Umbrella Rank: 651
image6.pubmatic.com — Cisco Umbrella Rank: 989
simage2.pubmatic.com — Cisco Umbrella Rank: 982
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
81 KB
28 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1319
r1---sn-4g5edndz.c.2mdn.net — Cisco Umbrella Rank: 523937
s0.2mdn.net — Cisco Umbrella Rank: 352
10 MB
27 bewab.co
bewab.co
323 KB
24 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
eus.rubiconproject.com — Cisco Umbrella Rank: 737
token.rubiconproject.com — Cisco Umbrella Rank: 748
fastlane.rubiconproject.com — Cisco Umbrella Rank: 647
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2567
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
69 KB
24 pixfuture.com
cdn.pixfuture.com — Cisco Umbrella Rank: 46735
served-by.pixfuture.com — Cisco Umbrella Rank: 43056
prebidserver.pixfuture.com — Cisco Umbrella Rank: 47485
580 KB
23 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1791
usersync.gumgum.com — Cisco Umbrella Rank: 2073
8 KB
21 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2684
s.e-planning.net — Cisco Umbrella Rank: 6738
u-ams03.e-planning.net — Cisco Umbrella Rank: 37506
i.e-planning.net — Cisco Umbrella Rank: 5827
sync.e-planning.net — Cisco Umbrella Rank: 5313
7 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3551
mwzeom.zeotap.com — Cisco Umbrella Rank: 3473
6 KB
19 gstatic.com
fonts.gstatic.com
csi.gstatic.com
110 KB
15 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2845
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
14 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
4 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
10 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
ssum.casalemedia.com — Cisco Umbrella Rank: 1560
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
10 KB
14 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1546
google-bidout-d.openx.net — Cisco Umbrella Rank: 1553
pixfuture2-d.openx.net — Cisco Umbrella Rank: 53475
rtb.openx.net — Cisco Umbrella Rank: 990
us-u.openx.net — Cisco Umbrella Rank: 605
u.openx.net — Cisco Umbrella Rank: 935
2 KB
13 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6604
ghb1.adtelligent.com — Cisco Umbrella Rank: 9491
ghb2.adtelligent.com — Cisco Umbrella Rank: 11633
sync.adtelligent.com — Cisco Umbrella Rank: 3639
s.adtelligent.com — Cisco Umbrella Rank: 6408
8 KB
11 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
51 KB
11 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 12754
track1.aniview.com — Cisco Umbrella Rank: 2078
player.aniview.com — Cisco Umbrella Rank: 1997
play.aniview.com — Cisco Umbrella Rank: 19358
go1.aniview.com — Cisco Umbrella Rank: 6510
831 KB
10 adform.net
c1.adform.net — Cisco Umbrella Rank: 720
dmp.adform.net — Cisco Umbrella Rank: 3746
cm.adform.net — Cisco Umbrella Rank: 1329
5 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
5 KB
8 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1650
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
3 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
2 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
2 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
storage.googleapis.com — Cisco Umbrella Rank: 529
imasdk.googleapis.com — Cisco Umbrella Rank: 600
269 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
4 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 885
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 2338
dis.criteo.com — Cisco Umbrella Rank: 745
8 KB
6 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 928
2 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
d.turn.com — Cisco Umbrella Rank: 1708
1 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
3 KB
6 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1706
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
2 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1481
contextual.media.net — Cisco Umbrella Rank: 764
25 KB
6 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1611
creativecdn.com — Cisco Umbrella Rank: 674
3 KB
5 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26823
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24211
1 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 240
5 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 984
131 B
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2706
www.google.com — Cisco Umbrella Rank: 3
2 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 13070
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 13926
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3076
3 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18442
pixel.onaudience.com — Cisco Umbrella Rank: 3601
2 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 776
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
2 KB
4 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3539
cs.admanmedia.com — Cisco Umbrella Rank: 1168
40 B
4 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3547
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
534 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
28 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
333 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
418 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
usermatch.krxd.net — Cisco Umbrella Rank: 1796
943 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9513
loada.exelator.com — Cisco Umbrella Rank: 29169
2 KB
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 4020
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
561 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1352
457 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
170 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
3 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 14882
280 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
230 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1136
1 KB
2 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 4947
460 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1249
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 802
397 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
572 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1219
83 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
930 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5227
560 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
2 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 26293
427 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 722
sync.taboola.com — Cisco Umbrella Rank: 1173
381 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
565 B
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4053
406 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1602
467 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
fid.agkn.com Failed
985 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 157
2 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 54384
get.optad360.io — Cisco Umbrella Rank: 34665
1 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4957
464 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8584
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5572
237 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1495
35 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
652 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3665
278 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1914
160 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 3583
184 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6713
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020
555 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 8029
345 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 29168
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3672
639 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
308 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
369 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7279
280 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
553 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
226 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1015
587 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2142
378 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1496
213 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20121
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 141087
659 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2165
67 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12212
411 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2129
281 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
395 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1212
7 KB
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 9963
1 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 768
220 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5345
408 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1835
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1691
8 KB
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
573 118
Domain Requested by
34 pagead2.googlesyndication.com 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
bewab.co
securepubads.g.doubleclick.net
s0.2mdn.net
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
www.googletagservices.com
27 bewab.co 1 redirects bewab.co
24 tpc.googlesyndication.com 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
bewab.co
securepubads.g.doubleclick.net
s0.2mdn.net
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
22 s0.2mdn.net 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
bewab.co
s0.2mdn.net
21 usersync.gumgum.com 2 redirects rtb.gumgum.com
ads.pubmatic.com
21 securepubads.g.doubleclick.net 1 redirects bewab.co
securepubads.g.doubleclick.net
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
www.googletagservices.com
cdn.pixfuture.com
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
19 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
spl.zeotap.com
rtb.gumgum.com
15 mwzeom.zeotap.com spl.zeotap.com
ads.us.e-planning.net
14 x.bidswitch.net 8 redirects spl.zeotap.com
rtb.gumgum.com
ssum.casalemedia.com
14 googleads.g.doubleclick.net 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
bewab.co
14 csi.gstatic.com imasdk.googleapis.com
12 simage2.pubmatic.com ads.pubmatic.com
ads.us.e-planning.net
12 sync.go.sonobi.com ads.us.e-planning.net
12 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
12 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
ads.us.e-planning.net
rtb.gumgum.com
cdn.pixfuture.com
11 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
10 ads.pubmatic.com ads.us.e-planning.net
ads.pubmatic.com
rtb.gumgum.com
cdn.pixfuture.com
s.adtelligent.com
9 sync.adtelligent.com cdn.pixfuture.com
ads.us.e-planning.net
s.console.adtarget.com.tr
s.adtelligent.com
ads.pubmatic.com
9 image2.pubmatic.com ads.pubmatic.com
9 served-by.pixfuture.com bewab.co
cdn.pixfuture.com
9 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
spl.zeotap.com
8 aax-eu.amazon-adsystem.com 2 redirects spl.zeotap.com
ads.pubmatic.com
8 sync-tm.everesttech.net 7 redirects ads.pubmatic.com
8 match.adsrvr.org cdn.pixfuture.com
ssum.casalemedia.com
spl.zeotap.com
ads.pubmatic.com
rtb.gumgum.com
ads.us.e-planning.net
8 ade.googlesyndication.com bewab.co
8 cdn.pixfuture.com bewab.co
served-by.pixfuture.com
cdn.pixfuture.com
static.cloudflareinsights.com
7 bh.contextweb.com 5 redirects
7 prebidserver.pixfuture.com cdn.pixfuture.com
ads.us.e-planning.net
6 sync.outbrain.com 4 redirects rtb.gumgum.com
6 match.prod.bidr.io 5 redirects ssum.casalemedia.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
spl.zeotap.com
5 creativecdn.com 5 redirects
5 dpm.demdex.net 2 redirects
5 onetag-sys.com 1 redirects ads.us.e-planning.net
cdn.pixfuture.com
s.adtelligent.com
5 secure.adnxs.com 4 redirects cdn.pixfuture.com
5 secure-assets.rubiconproject.com 5 redirects
5 tags.crwdcntrl.net securepubads.g.doubleclick.net
s.e-planning.net
tags.crwdcntrl.net
5 track1.aniview.com bewab.co
player.aniview.com
5 fonts.gstatic.com fonts.googleapis.com
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
rtb.gumgum.com
ssum.casalemedia.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 tags.bluekai.com spl.zeotap.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
4 googleads4.g.doubleclick.net bewab.co
4 www.google.com 1 redirects tpc.googlesyndication.com
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
4 r1---sn-4g5edndz.c.2mdn.net bewab.co
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
4 imasdk.googleapis.com 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
4 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
4 gum.criteo.com 1 redirects static.criteo.net
cdn.pixfuture.com
4 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 sync.1rx.io 3 redirects
3 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
3 d.turn.com
3 u.openx.net cdn.pixfuture.com
3 contextual.media.net cdn.pixfuture.com
3 us-u.openx.net rtb.gumgum.com
3 ad.turn.com 3 redirects
3 sync.srv.stackadapt.com ads.pubmatic.com
rtb.gumgum.com
3 eb2.3lift.com ads.us.e-planning.net
3 ups.analytics.yahoo.com 1 redirects ads.pubmatic.com
3 idsync.frontend.weborama.fr 2 redirects ads.pubmatic.com
3 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
3 web.hb.ad.cpe.dotomi.com cdn.pixfuture.com
3 hbopenbid.pubmatic.com cdn.pixfuture.com
3 apex.go.sonobi.com cdn.pixfuture.com
3 fastlane.rubiconproject.com cdn.pixfuture.com
3 pixfuture2-d.openx.net cdn.pixfuture.com
3 btlr.sharethrough.com cdn.pixfuture.com
3 ap.lijit.com cdn.pixfuture.com
3 prg.smartadserver.com cdn.pixfuture.com
3 prebid.media.net cdn.pixfuture.com
3 www.googletagservices.com 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 id5-sync.com cdn.id5-sync.com
cdn.pixfuture.com
3 play.aniview.com bewab.co
3 player.avplayer.com tg1.aniview.com
bewab.co
3 www.googletagmanager.com bewab.co
www.googletagmanager.com
3 fonts.googleapis.com bewab.co
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.us.e-planning.net
2 simage4.pubmatic.com ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 x.videobyte.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 cm.adform.net 2 redirects
2 cs.admanmedia.com rtb.gumgum.com
2 tg.socdm.com 2 redirects
2 sync.e-planning.net rtb.gumgum.com
2 ssbsync.smartadserver.com rtb.gumgum.com
2 ad.360yield.com rtb.gumgum.com
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 p.rfihub.com 2 redirects
2 rtb.gumgum.com ads.us.e-planning.net
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 cm.adgrx.com ssum.casalemedia.com
ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 i.e-planning.net ads.us.e-planning.net
2 ssum.casalemedia.com ads.us.e-planning.net
2 cookies.nextmillmedia.com 2 redirects
2 ssp.disqus.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 rtb.openx.net ads.us.e-planning.net
2 sync.admanmedia.com ads.us.e-planning.net
2 pixel.sitescout.com ads.us.e-planning.net
2 aa.agkn.com 1 redirects cdn.pixfuture.com
2 b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googleadservices.com bewab.co
2 gcdn.2mdn.net 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 oajs.openx.net 1 redirects bewab.co
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 ads.playground.xyz 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 sync.taboola.com 1 redirects
1 rtb.adentifi.com ssum.casalemedia.com
1 ads.stickyadstv.com ssum.casalemedia.com
1 e.serverbid.com
1 sync.adkernel.com
1 nep.advangelists.com 1 redirects
1 ic.tynt.com cdn.pixfuture.com
1 s.adtelligent.com cdn.pixfuture.com
1 s.console.adtarget.com.tr cdn.pixfuture.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 sync.tidaltv.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 sync.adotmob.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ghb2.adtelligent.com cdn.pixfuture.com
1 ghb1.adtelligent.com cdn.pixfuture.com
1 ghb.adtelligent.com cdn.pixfuture.com
1 lb.eu-1-id5-sync.com cdn.pixfuture.com
1 static.cloudflareinsights.com cdn.pixfuture.com
1 token.rubiconproject.com eus.rubiconproject.com
1 dm.hybrid.ai player.aniview.com
1 lh6.googleusercontent.com 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com bewab.co
1 go1.aniview.com player.aniview.com
1 bidder.criteo.com static.criteo.net
1 storage.googleapis.com bewab.co
1 player.aniview.com player.avplayer.com
1 www.google.de bewab.co
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 tg1.aniview.com bewab.co
1 get.optad360.io bewab.co
1 cmp.optad360.io bewab.co
0 ssl-market-east.smrtb.com Failed
0 match.bnmla.com Failed
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fid.agkn.com Failed cdn.pixfuture.com
573 197

This site contains links to these domains. Also see Links.

Domain
www.pixfuture.com
greedygame.com
adzfactory.epicplay.in
Subject Issuer Validity Valid
bewab.co
GTS CA 1P5		 2023-07-13 -
2023-10-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.optad360.io
Amazon RSA 2048 M02		 2023-03-01 -
2023-11-15		 9 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-17 -
2024-04-16		 a year crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.avplayer.com
GeoTrust TLS RSA CA G1		 2023-08-14 -
2024-09-13		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-09-26 -
2023-09-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-08-08 -
2023-10-17		 2 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-01 -
2023-12-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-08-03 -
2023-11-01		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-08-03 -
2023-11-01		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-07-22 -
2023-10-20		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
*.consumableaudio.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-07-21 -
2023-10-19		 3 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 121 frames:

Primary Page: https://bewab.co/
Frame ID: 14DBF4FC3F9A89EF2B12852FB4173EE0
Requests: 170 HTTP requests in this frame

Frame: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E52BA17A0AAC4E8951948CD4F690330F
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63d78a95feee817a470cff47
Frame ID: D0ED1461BB99006FEF49EE34D6116B50
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bewab.co
Frame ID: 2C889CE3C2AF30FBD057FEBF44D4B5D3
Requests: 2 HTTP requests in this frame

Frame: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8BA3E39D980031F876C3D5229787EEED
Requests: 30 HTTP requests in this frame

Frame: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A34595741788C380756AE5FB7D74F6A
Requests: 22 HTTP requests in this frame

Frame: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 05A8F1AF803E089731732CAA3EF416A5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNVYrB-EH6DLdc_OuPDIma4YSZGQCKA-69NOWWtLJV0eOe0kjkEvLCsOO_j9YKr1LZ3JiBtMy7sHcIBxoLlJq8SSdFBYcxdYs3cQIgs1rHNbIPon1DgmBRMzbxZ6ZD4n0bDNFIOPPB6ndwO5p6oCOJhiDEpcaoEJ2zT9TeU18QchdIiBWns
Frame ID: 625C460DBF736CC736FDB1499194069C
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E91837AB8395D7C9ADDA6292EA9B959B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 679EFA4B4CEB110AE56ABED38077EC0D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E95D8BB316E84068400A650CC2892548
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaeF-1jjODB05GyVBM_8gt5ssC2bRr3RrtRiDMno7Ft-TBODM6Ue38g5t5XrrP0cP5MugCa35ybahdU0tTPgCx6a8w18RYcEqsrcyqeDEYI5h4Qsd_Ee9RhCZUrTBEZzLMng_sXRlpw2HeTbv6SABcakstWJey8l28I7RshDU238IXKzzeBqUhWF30qcXXhm26RvArk8mdn7WAHDpHftahbr7wAAH2RKoFbpccJM0G2qzAAC22Yxml3zGK34mQ0EK-4xX2SCbeiwxBGGwO86k2BQBMGOUqYaU9_IX3yxNE89IMdIOjA8l71F4BTIeRyFu9BTvxOvFGQQqw0NtSZx_DeQ&sai=AMfl-YT5BPR8CyMtK_1mP_y0mcEQ9gDsyOlMkJvzvJBIiezloj4hvwm9o691xzddqfzBI6o042SXbnaoIwzbo_k1Vh174zGgSX_QchgfT3TvTc6aTuIm4xW4NsjKQWrTl8sjansrbBed9vLSaWKpnYuu&sig=Cg0ArKJSzHs8U-wRNdi9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0295F12DA5FC74ECC9918D911E699132
Requests: 11 HTTP requests in this frame

Frame: https://dm.hybrid.ai/match?id=407&vid=1692717173004-960420603629-001257-006-009793&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692717173004-960420603629-001257-006-009793%26biddername%3D166%26pid%3D5e7b9048180bd02ded4b0937%26key%3D%24%7BVID%7D
Frame ID: 65ECD9856A66A4E1FC9C3D05CCE9BCD8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 56F97A33A01B0D2CEA4AAC5D11629455
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 36ACC1587F9F1D4715A8A7243349015A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Frame ID: D8AC0E14B5FB0DF0DD2C694E052C2B80
Requests: 22 HTTP requests in this frame

Frame: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 15696C24A672C882CC8F1B740FD7FA90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2FB15740C56EAFEAF50926808F70E14
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47B2459591943DE871AC8EE3C9592167
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: E84C312CBEC486D9B02AD6F1EA74A30D
Requests: 1 HTTP requests in this frame

Frame: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 355A50BE9BB3BC25D0F579C5428972D3
Requests: 36 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A18CE236648B58E5345FD5CDD208FE57
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2AAD0387E23524EE1769AA8F34B8F3C3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3CC583E1809A76C1CFAA83DF0DD66EB0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 912438F4DCE086E0D2CC2F419FD7FBC2
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 15B32D5768A88A8FC6A1AC859E81CDB0
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: CECF677F387BE8B41DF96DE8CB286993
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Frame ID: 9A6655EE54EAFDB60F982B942AEAF0CB
Requests: 25 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Frame ID: 37FC0F2AA434431E5B75A0C1061A9247
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: DF45B1A7DE015A9EA7154E77E4C7D003
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 1FDAF8A722832E776CDD3F466062215B
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 782E917449F485C2DC8EBC41E236D961
Requests: 32 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/320x50.png
Frame ID: 4138127ABCEC2C1C06758896B1CA2015
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Frame ID: E1C489C49F497ADD9AA03161ECAFD789
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: DC14A90F0687B68E16247FCFCF786545
Requests: 1 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AM20AgHu8EED3r%2fp
Frame ID: CCCCF890FFE2080AE4BE5A284B64E2CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: CC4EAF3D9B733698CE979D9B86E5A7C2
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: C7DB989B2C8D338F1FDD03995A9DA879
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV
Frame ID: 6306242355E72130562B40BB4EA7BB98
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1767717742930980986&gdpr=0&gdpr_consent=
Frame ID: 30A3C4E6662CF00811D8E98E46462CA5
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 62AA4E66CA90A028893862223995D6F3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270164908032129181&gdpr=0&gdpr_consent=
Frame ID: 02ED5E4B48FCC9AF5630B1116F8DC52C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOTQeAAKgvf2ywAN
Frame ID: 11B7215F0585B941D129F10CD81FF300
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 37B727D91DD509947B61842D0F430DD2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd49150529e0e422c85fa709748dcc170&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: FB326AB6DA0A7885F579BA618370609E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACwYk7JyaEAACUrYbQv4Q&gdpr=0&gdpr_consent=
Frame ID: 82394FEB124000A04D66832D81875207
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826653479319
Frame ID: FC4EBD41F57431A4BA8D6923CC9D25A4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4FF3813FD308D4220BD537FA93DD3722
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=193533971124354479
Frame ID: F56035A172CD2FD73871D6E65CCF601C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 68ED11EC07EBD9E2BF2141B3E700F9E8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 05C7B88881C224BA1B41C22D4C83D9D7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Frame ID: 582C5092FD4786495C249DD790346FCD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qad0xifweuyi
Frame ID: 86A3190052ADB525DB00883DB4517185
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgbnUbMnaXaSYRYXj&gdpr=0&gdpr_consent=
Frame ID: 3C7A8252677EA9E8997BD7C876675C02
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=927a4eee13039382&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 758CBC7528AF91B3C793F2DF0570968D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgtz25wAN&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN
Frame ID: C1F1D06CECBFD15771CB118BBE72A9A3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMTU4MDczZS1iMjY2LTQ3OTEtYTdmOS1lNjM1Y2ZhZTFiZDI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: ACFCBC5D43A26BD884F384EB284F0FCD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: B78BB30B7670975FD19E0F66DD1D7AC4
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 5292300F2ED8482E8AC7DDC939C3B24A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZOTQeMCo5ugAADCN1sgAAAAA
Frame ID: 0F2A24FE85C6BCA4386FB7F24E533A07
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: F4B33D009003F1FAC0EB15796B2820C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum&tc=1
Frame ID: B04F3837DAB6B42EE2F2D7F8D3415C5C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 4FBBF7A0A106E1CA1D3183B117F05EE5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/160x600.png
Frame ID: 8EDCAB7E904B3E60E6BEABA550211ECD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/160x600.png
Frame ID: 0BA2BBFC97FE6AAF0A48D4F4716C6184
Requests: 1 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 22803CDA9652C98E5F8D2FB488CE0E81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: E3284D927F43504019615A4938F4C057
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: CE0C858B90D29187360B9276CEF3BD93
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 294DDBC4CC5F11EF959B45631596C8F8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4450F17A114C88F5129EA39A54D24F43
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3D858533A6F64CD3F71E93E505123865
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 885F4411FB5BB23DDC681D5E5CED7C43
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: B230B91AD27E2D38DC4750659E1A9118
Requests: 12 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 4F3794C01F8139238CC930E1A17A2F9D
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=1767717742930980986
Frame ID: 35EF925A15A9B372E89AF28976635F86
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: DB551E301C008EB8E1333D862C0DFB1F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 267C478753287A05CB5C0EBCD2908608
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 58020523D1753B33055D66CA7B15B6DF
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 09ECFC507FE2870810A6821EE30215AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]
Frame ID: F207EF1A8E492A03C3D70D11B60A18AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 11FAF3D8BD6C99F73DA0EC8FB96777F3
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 99B99AA19E58FC7F7FC98C94E7E24E4D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 426196A21A632E1FDFDACA0C5C015CD8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 25C08892B6A4EBA81FE403B1BE17529B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: FC032464C5A408095A3A94B92647A0EE
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D61085dcf412aa42c%26uid%3D
Frame ID: 0D7260B924CDAB7B2B93E848EFD86766
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Frame ID: E37B7C8C24CACB6909AA129A51DED478
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 456F22E70E43F59F705C18DF47ED12F2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 8BF873C4077C2AA133F10570231668B9
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: FEA502FB028B6A2CEDD05016DDEEAAB9
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Frame ID: ADE958BBD2BD952EB0A1301802BA8A1D
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: A48EAEC05C0972DF23032DFA6292D4E1
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AM20AgHu8EED3r%2fp
Frame ID: 93300F9F6587181B5E2107F23C664E70
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgvf2ywAN&gdpr=&gdpr_consent=
Frame ID: 2E25A22351EC6D58CC80443A7CF12547
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMTU4MDczZS1iMjY2LTQ3OTEtYTdmOS1lNjM1Y2ZhZTFiZDI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: BA3183A51A67549976186286B032D493
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 5142067D614D0595A9BA034F26B6F11D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 572A2021BA0C0461881A28E299D66041
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZOTQecCo5ugAADCN1s4AAAAA
Frame ID: 342B895BDC7D3AD593D46E1A3A04036B
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: E1208291586F6EF65C05A5E3C1F970C5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum
Frame ID: 2FED2C1DF7D07714E4339F610BA5D652
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: D7EFEEBC138DE65FAB7897B4586F9B9C
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=IN3y0qPESdOIdb6gFtlf&pi=admatic
Frame ID: 6C985535E6FF94D4D72A79F97E3F3FA1
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Frame ID: E5FE1F8B3E775D3616100391B1EAE012
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 053317F995F0E4A95646A5FABBFC81C3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 244A28AF3A7051BEF7812E709B2BB7A4
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Frame ID: 33FEEC7DDDAF442A75EC25085013F1D6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: BB15AA5FADBB4FE92D5CD6AE156CFB9A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 4D5E2925F490313872AAAA0EAF6C04B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6AAA59147444CFD9538627625B7FAC6&gdpr=0&gdpr_consent=
Frame ID: 67ADA0B52F48583854EBEAFD5BECB5B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-14833bb0-634b-42d3-a806-e15b67f31889-003
Frame ID: A79453E6008F9D86E1F274E36A8F0572
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=927a4eee13039382&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 9C57BADC515C0D9158CAD6D76623EE9A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: FC041C2FC60EC36FA8E3E71CAD669A71
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 0EFE51D838F62D92184D9E7433AB9DD3
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=61085dcf412aa42c&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 0D018AE34B53407131800CE7ECE71779
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 5FFE6FC6E0CA5B43154472F45155D00A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 6096374135FFD5B13C71B1A48C7395BA
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=61085dcf412aa42c&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 41856805D636EBEEF8D44F179156079D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 5444A9F2693EB06675EE13BA6F023A36
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: F70DBC3400FD12779E0DD77239A14B76
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: BD14C79B676F3BAE7319E47AEA6372C6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Frame ID: 2897E668E191A4FEFFA12BDC3ABD018C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BeWab - Web Article's Protocol

Page URL History Show full URLs

  1. http://bewab.co/ HTTP 301
    https://bewab.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

573
Requests

85 %
HTTPS

26 %
IPv6

118
Domains

197
Subdomains

136
IPs

16
Countries

15040 kB
Transfer

23838 kB
Size

160
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bewab.co/ HTTP 301
    https://bewab.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbewab.co%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbewab.co%2F&rid=esp&cc=1
Request Chain 77
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bewab.co&sn=ChromeSyncframe&so=0&topUrl=bewab.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=iK0JknxwV2psL2Y5cGpuWEd4NGM5UWdWem9CYmxaRzdkdDQ4S25iYXFJb1dLOWJqd0s4SmJ4YkRmNWFNM1htMEVXcmpBM1gyQjFuK1BNK3JlKzZYUE9EQzhLUkt0b1FWdEd3elRMejdEVE8rZGRodFdRQlVTUkE2SUpsSk1kNDd4WTNlZjBrVmVuMkJicU1FdnI5Z0lGRzVjVTNCQ0xjZXM0b3dFS2J3Z2FNZGlQYkw3VDRibzdvVjF2ZGk3aFNyWmhkZldmZi8wU3FpSkNUNWNtaUNmRnZjbGtQbkNDdGJobEF1NWgrM28yRDhOeWM0WG85UGpSNTVUNUxwUkNZNDJPNUI0aCszVTJMWVNsQVloK0U0MEw5NFVaUT09fA&cppv=2
Request Chain 107
  • https://gcdn.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/222BC18102F288E22D0BF67C2504FEB232FC0611.6B2C66AD314B57E37919A377066F97DA800FA477/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469810A5BA98F1275C5AF223409E97741F320E39.6110DBEB5DAC3E686AD2CC9F51C0EEAE64B4353F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
Request Chain 115
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTQdTTaCGWnmtdMMEnXvgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1fFRQoMHFxg5ebEYz5UpY&google_cver=1
Request Chain 117
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NzcxNzc0MjkzMDk4MDk4Ng%3D%3D
Request Chain 125
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CY-tkdNDkZN7YJcqTjuwPnIirMO2cuu1xx9-lk9IRjb6dtZ4_EAEgxfDOhAFglfL9gZQHyAEGqQLX3YNie0yyPqgDAaoE4wFP0K0JG7dAxzvIxJ_J2rTTTxkbQNIYfiIQeQfrc03QAbM2E947oCpSUAllP9ZbtAPEQsnLD1heH6E_9-ZpNxqESASBil7AybexFq_rQa7hQ71WdgVqhwo2Y_5CXhOVPPeqYLjITTwiSO-u_K4JQL1WzJYqqIPXhx1frf7GdX3pgsuECEC7Mw3jeabuQrz9HV0F_krQFTOvDzimosAiCqk48nqEppp6GRbf5nVNUSsLEB1J3xP94um7jEurqrMVGrTaeMyNDbgRhR348jjw3OiQcQTCGb-M_M7nxumfTvLCLUHTL8AE8tXQpbME4AQDiAXB5_b6S5IFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHjo29hAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDz9xMYjIHe8QHSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgl_aHR0cHM6Ly93d3cucG93dGVjaC5kZS9kZS9iZXN1Y2hlci13ZXJkZW4_dXRtX3NvdXJjZT1kaXNwbGF5LWFkcyZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249MjAyMy5kZS52aXNpdG9ycy5kaXNwbGF5LWFkcy5tZWRpYYAKA8gLAbAT9du_FMgTocyn4wPQEwDYEwrYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzIwNjQ1NjU0NjY2NDE4ORiTonvoFwE&sigh=T-rkW3yl1pE&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWx6meWn0wSjI1GU-W1GCEiSc_OiOInTW5CzjyWvHxMI1jvIfGja6uCK5E-rjYNOw7ptEGyZq2lXzIezNqddfje-ehhYdIRxgB&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226447322890227767672%22,%22debug_reporting%22:true,%22destination%22:%22https://powtech.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%220%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221825803911352049345%22}&andc=true
Request Chain 128
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 139
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 213
  • https://gcdn.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/030291BE5D3C6AA670C44A861930CA6272BE9B48.5F3D440289B98D08A0675CBDFDA937155B051D8B/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60BA9FE0205C13FD6BA43E13E40FDFFB6AE5E84B.EE6291D10315ED4C50A676B36A11F2A8C1485F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
Request Chain 291
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 297
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D927a4eee13039382%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=927a4eee13039382&uid=1767717742930980986
Request Chain 298
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D927a4eee13039382%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=927a4eee13039382&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
Request Chain 300
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D927a4eee13039382 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=927a4eee13039382
Request Chain 301
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 311
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL3NWrfJfwejH7ufjvPoe1o&google_cver=1
Request Chain 313
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1767717742930980986
Request Chain 314
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 315
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOTQdwAAAPAj-wBV HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOTQdwAAAPAj-wBV&_test=ZOTQdwAAAPAj-wBV
Request Chain 316
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5823867715216544255&expiration=1693926776
Request Chain 322
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f9af2bef-a57b-498c-b91d-be9cabc6d192&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 329
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a452d295-2545-4f0e-4080-766c2b20dc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a452d295-2545-4f0e-4080-766c2b20dc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=47705237612896786474595088793541392144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 331
  • https://bn01.er.bemail.it/zeotap.php?_bid=a452d295-2545-4f0e-4080-766c2b20dc18&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023082217-32235-0.975762001692717175-272a702d339fe825a9fb50514ced0a2a&zdid=533&env=mWeb
Request Chain 332
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7270164908032129181&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 333
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a452d295-2545-4f0e-4080-766c2b20dc18 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a452d295-2545-4f0e-4080-766c2b20dc18
Request Chain 334
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361&bounce=1&random=627225954 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=t0JIisAW0Fw9qmwAIqddSO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 336
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a452d295-2545-4f0e-4080-766c2b20dc18?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 337
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-HfKCzbtE2oqL0CwqGcYxnqCNXuv.OCIE1w--~A&zpartnerid=570&env=mWeb
Request Chain 338
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7YguWSdCLVzVJrxztOcwz5H3TTfq5okp%2BS41iYitP1U%3D
Request Chain 342
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZOTQdwAAAPAj-wBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 343
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 344
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361&dcc=t
Request Chain 346
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Request Chain 347
  • https://pixel.rubiconproject.com/token?pid=41544&puid=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LLMG3NL7-N-DMBS&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 357
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 358
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 359
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV
Request Chain 360
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1767717742930980986&gdpr=0&gdpr_consent=
Request Chain 362
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270164908032129181&gdpr=0&gdpr_consent=
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOTQeAAKgvf2ywAN
Request Chain 364
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 365
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd49150529e0e422c85fa709748dcc170&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 366
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDd1lrN0p5YUVBQUNVclliUXY0UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACwYk7JyaEAACUrYbQv4Q&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2586407152700043406&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACwYk7JyaEAACUrYbQv4Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2586407152700043406%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2586407152700043406&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACwYk7JyaEAACUrYbQv4Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACwYk7JyaEAACUrYbQv4Q&gdpr=0&gdpr_consent=
Request Chain 367
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826653479319
Request Chain 369
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=193533971124354479
Request Chain 372
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Request Chain 373
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qad0xifweuyi
Request Chain 374
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a1e61fe02083932c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DHHt10NrrgbnUbMnaXaSYRYXj%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DHHt10NrrgbnUbMnaXaSYRYXj%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgbnUbMnaXaSYRYXj&gdpr=0&gdpr_consent=
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=epVfa4AiSl2l1brpC-4JiA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 378
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=650533134 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Request Chain 379
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzhoN21FcGYzcmdUYlctcUZEbFc0UVJvdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7878324549133378996&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0E5NTVGNkItODAyMi00QTVELUE1RDUtQkFFOTBCRUUwOTg4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsfMNcbw3blq449yfwbz-U&google_cver=1
Request Chain 384
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7878324549133378996
Request Chain 387
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_adc113d2-992c-4657-94d4-661d9700fa2b&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 389
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8800757208030716490&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 390
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8c216082-6b04-48d2-8259-03f36fd72627&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 392
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7878324549133378996&ssp=gumgum2
Request Chain 394
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&obuid=ENC(MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 398
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
Request Chain 400
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 402
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=05fm1GB4BkLk&ev=1&pid=558355
Request Chain 405
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgtz25wAN&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN
Request Chain 409
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZOTQeMCo5ugAADCN1sgAAAAA
Request Chain 411
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum&tc=1
Request Chain 412
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 421
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 430
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=1767717742930980986
Request Chain 435
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D HTTP 303
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]
Request Chain 441
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MWZlM2YxNzktNmY1OS00ZGJmLWIwNDMtZDVkMTcxMGFlODU1 HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
Request Chain 445
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1767717742930980986
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YThiZGYyNzItYjQwMi00MDQ4LWI3YWMtODgxNzAxMDkyMzFj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
Request Chain 448
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=c1057d6c-25d9-48a7-9e61-87193fbeb6b9
Request Chain 453
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=1fe3f179-6f59-4dbf-b043-d5d1710ae855&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QWRndXM2SDhSbkplSzlpNmE5aHRrUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZmZjMzU4NDQtOTUxNS00ODljLWJmZDQtZjFiN2QwZGZkMzRl HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
Request Chain 455
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=1fe3f179-6f59-4dbf-b043-d5d1710ae855&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=c14fbc91-daf7-4f3c-8ea3-1a2162675f1a
Request Chain 457
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&google_hm=MWYxYjFjN2MtNjJmNS00YTRhLWExM2MtNDk5ZjNiNWYxN2Ew HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEISxpNOTbpcYj5PfSNa8ZWo&google_cver=1&ssp=sonobi&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
Request Chain 460
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IN3y0qPESdOIdb6gFtlf&pi=sonobi
Request Chain 461
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210826653479319
Request Chain 470
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=ffc35844-9515-489c-bfd4-f1b7d0dfd34e&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=b2224809-68ef-40a0-8d1e-0134f57dc857
Request Chain 471
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ffc35844-9515-489c-bfd4-f1b7d0dfd34e&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QlBvZ2xSMjdVT2VpZmM0MEJZUEEyQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
Request Chain 475
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
Request Chain 481
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D61085dcf412aa42c%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=61085dcf412aa42c&uid=1767717742930980986
Request Chain 482
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D61085dcf412aa42c%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=61085dcf412aa42c&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
Request Chain 484
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D61085dcf412aa42c HTTP 302
  • https://u-ams03.e-planning.net/um?uid=csuid_40d96481-2f8c-4952-b87e-2b57a03be6f5&dc=b337141cfdc8cf59&fi=61085dcf412aa42c
Request Chain 485
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 499
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8800757208030716490
Request Chain 500
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=o7S1y7p01Qyt3W5
Request Chain 503
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAA%261131&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b1f2e529-1e9b-4059-ba91-a7d179314031-tuctbde55f9
Request Chain 505
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
Request Chain 506
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
Request Chain 507
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&obuid=ENC(MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 510
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3EWVyF5E2pcEVmghLGz8V1.opOdKxMccEPPM~A
Request Chain 511
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
Request Chain 513
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 515
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=91U4zdqnF3dA&ev=1&pid=558355
Request Chain 518
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgvf2ywAN&gdpr=&gdpr_consent=
Request Chain 522
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZOTQecCo5ugAADCN1s4AAAAA
Request Chain 524
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum
Request Chain 525
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 526
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=IN3y0qPESdOIdb6gFtlf&pi=admatic
Request Chain 527
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Request Chain 528
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4af7eeb42ca61827
Request Chain 529
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3D2b69fc75-c4b5-4bba-43c6-27880b29d3e3%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361
Request Chain 541
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 543
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6AAA59147444CFD9538627625B7FAC6&gdpr=0&gdpr_consent=
Request Chain 544
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1692717179171 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5206122994 HTTP 302
  • https://sync.1rx.io/usersync/turn/8800757208030716490?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-14833bb0-634b-42d3-a806-e15b67f31889-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-14833bb0-634b-42d3-a806-e15b67f31889-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-14833bb0-634b-42d3-a806-e15b67f31889-003
Request Chain 547
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 548
  • https://pixel.onaudience.com/?partner=214&mapped=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e2d280a150659a4f04621579ea204b5f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 549
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1767717742930980986

573 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bewab.co/
Redirect Chain
  • http://bewab.co/
  • https://bewab.co/
59 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
b7c2730bbf91156366b00f43d97c51a2653a809188a5dba6817d701429166360

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7fac0e6dbdfe1919-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:52 GMT
link
<https://bewab.co/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOWiRY%2BqzBDfjVhBbNz774%2FUdA%2BWBCYrKyaD6om03qVJyNsIfTlG%2B8uqBJlYO0piLkC4P75fz4PjLPemAtH6HzLH0HRfntOF1YJtCin6s9JduKkvuaU2X6z%2B24RjdrCfYlWQfSDj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

CF-RAY
7fac0e6d39e74db8-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 22 Aug 2023 15:12:50 GMT
Expires
Tue, 22 Aug 2023 16:12:50 GMT
Location
https://bewab.co/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ4NSuQC1cFGNra1f88QgcKDrYK5naB6VHpu9H9O1zDxt%2BOKZYT9YonGc%2B6YKQkVyyAr1sKe1LYtOV8s%2Fwp7aNjCIQEP7gx8M%2BLqRuhLXg88Bh7Pr2fndGAZZ%2FxOFxRg8%2FUW3pAK"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
style.min.css
bewab.co/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 05:07:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgrb6WjC%2F0FLZzhGlKV5BvczFkYazcVxGNrshkUiSIzTBzQfMQTlpGyUH7%2B9aCTCymIC45Etc1CyfAhmH%2FjG6r59n2hisa2rqqsBHikv7Njl%2B2B%2BWoEx0IGAXa4z0nh%2FCJNmB%2Bmu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fac0e753af71919-FRA
90013b60-e2d4-4df2-a1ef-34355cd2e7df
https://bewab.co/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bewab.co/90013b60-e2d4-4df2-a1ef-34355cd2e7df
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
jquery.fancybox-1.3.4.css
bewab.co/wp-content/plugins/advanced-ads-layer/public/assets/fancybox/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads-layer/public/assets/fancybox/jquery.fancybox-1.3.4.css?ver=1.3.4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dece7cbebfcff3aa1b576df47969cd000d598208c550c41dd55a49072c2c8e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 03:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdI2TtF3rWD1HIzd1awqyGzjSp68at3mbnOstxIat6P8zz%2FvAcJNS9Oxu9DbfjM8x9UO7rlGIietAfctQcO7B0JglMG5JMIHDazH6za4tTcHY1JcjQCr2rNv15g%2BwN%2BbvpmO3ZZE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fac0e759b7e1919-FRA
screen.min.css
bewab.co/wp-content/plugins/easy-table-of-contents/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.53
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca1bb41f8bd235c016c81e22a5be19fafddf755798a6e74420ae21174534595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 12:50:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDVggV1HN%2F86e45laKmIeUqLhC4POHc28NaQrKyil9Zhb3%2BlxUfvOq4hliSd0s4U%2FHY6tT4Z%2FCDXSM62IGcoSxu1f2eeED6QyKnlTFNMsuGqLBFJ31OCEOKSPd%2FvQschRew2Ekff"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fac0e759b7f1919-FRA
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0588584c7df8f66eec58d51819176498188da099f6f38686fbea9605e8e66476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 14:52:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 15:12:52 GMT
style.css
bewab.co/wp-content/themes/mh-magazine-lite/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 04:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihpZwAC2EPL0JSim4QPXOW5wATGVkbsiy9mI52jK23p4jySRzNUXSNYt%2BM9GCAp5osKwXK%2FDsJs3VVhVbj%2Fkb2K443ScdrIIomFPvzCtLhzxgTXl4K7BBDUUFSOxNFK1LW9YMQYu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fac0e759b811919-FRA
font-awesome.min.css
bewab.co/wp-content/themes/mh-magazine-lite/includes/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 23:38:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR8F3VLd%2Fm2pahOB1GobGkiv0em7J4syEv%2BtY%2FrVLSdMukI%2BI9c%2Bb7%2BfNOkBtGEbZtHVO6Mw%2FXisFnlzAxsWdSKhZKK%2FTTDkJeyt8%2F%2Bqav31f%2BFyhvW6%2BU52PMjARLGfkbLNl2OJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7fac0e759b821919-FRA
jquery.min.js
bewab.co/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 05:07:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LOj6MhnkWEAUo2l%2FRlxhSQ606JINmFANhjTUyzRu0rfVyFT1Opan5a%2Fz0N%2BuXPQ3gmNylow7rjZM48d5sNf5b2KJ%2BPgaNzgp5df4qiF5EC9n64ndktrzYCxXvYh5eemo8xm6oCX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e759b831919-FRA
jquery-migrate.min.js
bewab.co/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Aug 2023 05:07:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BcHexrhWO4N4pl%2Fojf4pk3UeMf3eI6YVKGBJEbi3cRd0tI7Cav8Tb8cMcAeTtiNnQqJo6mcMTuoVr6DdZ75xbXQ5zSULDqKirByI5ydH%2B%2Fb4eiJWDtDKPP69dGqYpSUObpYfoFw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e759b851919-FRA
advanced.min.js
bewab.co/wp-content/plugins/advanced-ads/public/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.46.0
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 17:33:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bmh5c317C8Aw98n0XCGNh8hysY4EEzm5tXQinoobix1Hk5V1zYSuNE2l1EazNc5TN3VsN%2Fc5Pt%2F2W1GlIxTjmhvTQ%2BIgasE5GrQJtYOsNJWXZFpJrpDuL1YWIWOAZMR5vEIhzdQq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e759b871919-FRA
scripts.js
bewab.co/wp-content/themes/mh-magazine-lite/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 23:38:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
395
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBiu%2FUK40IICLNVOPgJ%2FcirC8xFjU3L0u4QfKw2hHzj%2F6hZTjeQMcKcCx1PKjz5qFE09mOBbKKoXSASh92oFqy6Lfrfrq9LSRVDk%2FNNoseGG6IcqmYucLBGKOpGVGuQschqS2vS9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e759b881919-FRA
109e8d59-e192-41e1-b4f5-883627d6cf6e.min.js
cmp.optad360.io/items/ 		497 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/109e8d59-e192-41e1-b4f5-883627d6cf6e.min.js
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:a200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 01:13:12 GMT
via
1.1 4ab1227a56c7dfaf7a8f7750683df1be.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
50380
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
497
x-amz-cf-id
VRlJSQdnysl_L2eH3ap0fBr1IWEIbxUbtVFQtDfUp7KUMHcjV0myyg==
plugin.min.js
get.optad360.io/sf/8cb4e50e-8e86-4704-8370-9bdf772b0844/ 		2 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/8cb4e50e-8e86-4704-8370-9bdf772b0844/plugin.min.js
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 12:46:15 GMT
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jul 2020 06:52:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
27051998
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Error from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
accept-ranges
bytes
content-length
2
x-amz-cf-id
-eYrVazamPt6bAIdtYFe2HMjY5i--144OuluVzIa8ATRFIENNaePJg==
pxft_iel.js
cdn.pixfuture.com/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pxft_iel.js?siteid=11109
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38774
cf-bgj
minify
last-modified
Fri, 09 Dec 2022 15:37:52 GMT
server
cloudflare
etag
W/"63935650-139c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ46iT1rLbPrWqhM56%2BtI9uUFTcITaMxW4o2GtrDSXn6AgTqBJW%2BufkOeEfMXDPuzTIxNc81H4G9KknALgz4BjTRxTMgBCXrMZFuNYmrFQBy9FCClwMM2Gd1AstozqaBnrq4cqBsqAL0rUxo5hvS"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7fac0e766ab0694b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 22 Aug 2023 19:41:04 GMT
spt
tg1.aniview.com/api/adserver/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=63f464f674272ad1280cc8a5&AV_PUBLISHERID=63d78a95feee817a470cff47
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
0925b2e8cb55018e1ae78e1f706561044659393ec4d0053fb34bb9355feae410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
vary
origin
x-hw
1692717172.dop260.fr8.t,1692717172.cds167.fr8.hn,1692717172.cds329.fr8.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
7058
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bae648b29faf42984c65c90cea0c3e69a63b6a0271e971b68b400309278064e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
800 / 19591 / m202308170101 / config-hash: 1333500184187641948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:52 GMT
Antivirus-Software-for-Businesses-326x245.jpg
bewab.co/wp-content/uploads/2023/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bewab.co/wp-content/uploads/2023/07/Antivirus-Software-for-Businesses-326x245.jpg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d683efb167e3bb56aa391b4b2996f937ea5c0868698da81f82d85f6f1cdcb9e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Jul 2023 19:19:51 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=17250
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcqNsDTQJO2B6PBrPciJOHKXjV4Glu8QDOF0cy8yyUtzS3OLnK5AACHpl76oS68i7BGYDJxmcFzHxAm%2FGI%2Fzyu%2BB7ygTZVUv2K4XbEM%2B1JUphHQHrZEHTcMKpR0jwZbwqM8saK9t"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e759b891919-FRA
content-length
15399
Investment-Portfolio-326x245.jpg
bewab.co/wp-content/uploads/2023/07/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bewab.co/wp-content/uploads/2023/07/Investment-Portfolio-326x245.jpg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4689bcdb8ba0bcb0cd39d315341cc588dae4c4a52d0da051be9709157df0d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Jul 2023 19:14:52 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=13492
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8N87HWCnkTt2TIHrmgYarOrzyuMl%2BXZqFtUxGpz%2FaFgVLPDKRC4IPTxYNegl9rh1FPcYtbDNICfOREcKnQZapad5LR1yIYZUQm%2F6cPm7L7YN0dHUEOrpSTatsY3JH2bmeRyBMKb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e762c6f1919-FRA
content-length
12795
Coding-Bootcamps-326x245.jpg
bewab.co/wp-content/uploads/2023/07/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bewab.co/wp-content/uploads/2023/07/Coding-Bootcamps-326x245.jpg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70a75be82cac722f819acde0d2045fdb48549cc5f3e157764f2d1ee33020b46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Jul 2023 19:11:30 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=17280
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpHhu7dd6kXAoNCdsAvTSXCBpf0lpZkW0nryuGgfSm%2Fkj4OqAAU%2B6EuQMgP5Oq1NJsqZwJ0IcHRAMromXDkZIgLrtYDrEjg5ZaLy0OQp9NOWbuwEnPAiChYmjHRQHqbHzoMf5gM9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e762c701919-FRA
content-length
16057
js
www.googletagmanager.com/gtag/ 		263 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MGC1XL39YR
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b36c16f4c6311741f1986f446812c9413246fb90a309f38a58248545c8d48b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89951
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 15:12:52 GMT
jquery.fancybox-1.3.4-patched.js
bewab.co/wp-content/plugins/advanced-ads-layer/public/assets/fancybox/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads-layer/public/assets/fancybox/jquery.fancybox-1.3.4-patched.js?ver=1.3.4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596904dd33536d79738684a77ca4301a01e05993c790596aff353435c1165753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 03:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hmw9k50n7sxR5EUWU1pXwqx881FJ5OzMWY8nA5Meer%2Fwm7EXtttjbaaTwlIWiNK%2FEmBqfNxw%2Fd03%2BBaoazHSl1Ui1DDXiRvpqe2nsbqHDx1r%2Fap3X3uh8NSLkseFwgQ9MvY%2BQ1lv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e75fc2a1919-FRA
base.min.js
bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.22.1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b896fa5fe0e0b592fce7930f908fc84481d99bd2ed3651d71ebe364cdae53be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 19:39:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOwjlxft51NU%2B1l0cLnL2c1kszC5El2wjkp%2BYu8KnKs%2BecPGbY3vNpavmTRWmNXefGDE8NYSDIGfxCIuen5bsVd%2FyYsO3q%2BIZVYY5CrGo3KTsTvMy52sHRmkL954VJxeivNbU21j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e760c371919-FRA
layer.js
bewab.co/wp-content/plugins/advanced-ads-layer/public/assets/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js?ver=1.7.7
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a86cdada5e5a31807176f2881b5b196dedbec52d01a47865d9ccbf6f8e33f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 03:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgLnXiMjGXLAviftyMjnk1%2BXnWIaIw9vayNwVzBJ4zhZPgGCRKFNzVAblsjcUJVCAZdkDmS1d90aczOoGbbLCaoh6Ps3tbTRKW%2B2gMmL%2Bn0qaEQrWrm6AyJffazFjXVX94cYU9IT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e761c421919-FRA
sticky.js
bewab.co/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 20:40:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrx7JG%2B4S%2BFUjC3XrBVByUcvrpi00aCA05lwwARDR6HtoGyF6cT9F8tl5%2FzzSDLxIVma%2FpcwN%2F5n5l9KVozru8siD4kp3M82eblhEjcypeZCqhwus5N%2FbOvdwutU33Yz8g2j70DL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e761c431919-FRA
js.cookie.min.js
bewab.co/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 12:50:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lEKfwdG1YNNbsqjeCQB4doanZSbPHx2XVqU00AMbFwkQfvni7LWomEP2AwRsB%2F%2BM2Nmg6Di%2F1xOwVkqi4KUxDGEgREky8E0YTiJ6knFBpM2jqgi%2FSRPtmhGqDIJtdgazPFuvu%2Fv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e761c451919-FRA
jquery.sticky-kit.min.js
bewab.co/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 12:50:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2Z9HmFSRnTc9%2FItXr3kPD8EakqcKczAXe3i8fYvd78iDiVYBavPn3r%2FlonpKcoj2rp%2Bl11JLuAwF5TgnQwF5prbSFXGfIZusif3vF%2BJ3EWovYc52LQodQ1LCKqH0E2Olno7BVot"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e761c461919-FRA
front.min.js
bewab.co/wp-content/plugins/easy-table-of-contents/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.53-1691499015
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fea30e85a1d525bb37a85eeebb9b9edbf0eb8318aaaa8b40f24e8ab2c4fa2d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 12:50:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l0ChPvm9Ly0Sh7P%2BlcBnIDPZQ0fT83Zm%2Beaz3RSZbeYNmDvCwMB0R0hPNgYwoTATXwc%2BBg32dZM0JOd1izp3asb6jujQAxinxIqv0psoxkMhcVisKlqWXgyI5mxZbKF8iST2PBz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e761c471919-FRA
advanced-ads-pro.min.js
bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.22.1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 19:39:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VUeIdQ6IYY0LL8QoFZ6diYxNrvcgQw0dJ3K4yrzyYie1go1mA9OSjp9n8o%2B4oRXgVAypXOGGmPCBeQepUYG6YLAk4nvsOzx9tnaLpUNTkDv4Id1SiuLP5VRVupZ9DS65Eo302PR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e762c6c1919-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bewab.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
313669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 00:05:03 GMT
fontawesome-webfont.woff2
bewab.co/wp-content/themes/mh-magazine-lite/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: bewab.co
URL: https://bewab.co/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://bewab.co/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin
https://bewab.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
HIT
last-modified
Fri, 13 Jan 2023 23:38:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
394
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFB%2BGEqMa8DGnNUTAeWP7syIdzgP7vrFKAGDA%2BiDTqSxVNuuAESbLY5NQTdBOgvhg6fMr%2BUaMnrlKG8wsDT9s6qq6pWUvnYrTOKNU5BPpcC3eCAODEXlvSUzhJR1GTzNyJZpYQV%2F"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e762c741919-FRA
content-length
77160
Luxury-Villas-in-Bali-326x245.jpeg
bewab.co/wp-content/uploads/2023/07/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bewab.co/wp-content/uploads/2023/07/Luxury-Villas-in-Bali-326x245.jpeg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca12f526ff6386862e0eff9de7bb6c01ab5b7f6038fc9583e752ef782ae51ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Jul 2023 19:06:50 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=21873
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B2ctge6MVtST4Q0joaRdOQ8A%2B3rBMk6Dv8Xc%2BEVnNajfgmRVgot8HIWxolyhRUUV6ColNMZtwNZ48TUxB2v74kE0un9Ulh3Ik7E5Lw1BI8ZgIC4Cdsi6J9qYoAXG%2FE7FOCkGYwA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e762c771919-FRA
content-length
19747
Top-Credit-Cards-for-Frequent-Travelers-326x245.jpg
bewab.co/wp-content/uploads/2023/07/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bewab.co/wp-content/uploads/2023/07/Top-Credit-Cards-for-Frequent-Travelers-326x245.jpg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e07c83d1c72a29cc58bb398ee14506d8c07d5c1364be6129a11bc667177d6f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 05 Jul 2023 21:27:46 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=21020
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sTijHVpK7BMIw0zLC2qBzl9fBHymtik0UO6Imgo8ctkSxQg7JuOTRkRAtbO8bKSkA6p9hhgR%2Fki0rrGEp6MKauwjHyfIBNi9ot7k%2BcxsLOzN0B%2FAA1d0MKbM7mwaHnAOpZOpj%2F8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e762c781919-FRA
content-length
19306
Equipment-Financing-326x245.jpg
bewab.co/wp-content/uploads/2023/07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bewab.co/wp-content/uploads/2023/07/Equipment-Financing-326x245.jpg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b5db1ff4c0dcd85d7304e3d87b601d3112d35485e961ab2cc436a947ff0796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 05 Jul 2023 21:21:51 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=12526
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh54DhyXRVEMFySQxmZY8BOnwPayyqOyQGVlP%2B5G1%2FkGxELFN%2BRreV6XGz%2FYcFO0cjiJ%2F2MZ40IE7BiYolrnvJfbTJ1C0pBMb1G855gZlSeKJoql3Zivt%2BSgWU9%2FAEf7%2Fc6GxeHo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fac0e762c791919-FRA
content-length
11463
wp-emoji-release.min.js
bewab.co/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bewab.co/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Mar 2023 05:18:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXbLmclrzBC5536b%2FSOSEtys2WChtI1y4MwAr7h6GmcuuyMDc1wNHIg1ipcdqh%2BRia0mIIE10VIUG%2FHrebriaYuE3j1D71D663zstTqi2a9gBfXT6bEt%2BNeDHdOkKV%2Brp9gEWgpc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7fac0e766cda1919-FRA
avcplayer.js
player.avplayer.com/script/8.3/v/ 		808 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=63f464f674272ad1280cc8a5&AV_PUBLISHERID=63d78a95feee817a470cff47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
073f513e2ef1e863d7b6e4a550303e57d449dd7ce614815a8afbc764cdccfd25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 13:02:40 GMT
etag
"1692363760"
x-hw
1692717172.dop208.fr8.t,1692717172.cds339.fr8.hn,1692717172.cds108.fr8.c
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
213791
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=63d78a95feee817a470cff47&cid=63f464c537fd0759ab083bf9&cb=1692717172273&r=bewab.co&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&d35=&d65=&d66=8&d74=&e=playerLoaded&str=viewable
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-254651219-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MGC1XL39YR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8948d281f636563ad0395e60553a019752cbbb3299a967278cc31fd152458b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66528
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 15:12:52 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MGC1XL39YR&gtm=45je38l0&_p=492375642&cid=1245587961.1692717172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692717172&sct=1&seg=0&dl=https%3A%2F%2Fbewab.co%2F&dt=BeWab%20-%20Web%20Article%27s%20Protocol&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MGC1XL39YR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 11:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12075
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129577
x-xss-protection
0
server
cafe
etag
2336233631454045957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 21 Aug 2024 11:51:37 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XDLCPDXTLX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-254651219-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fabb325b1fa4841047a48eef9a145e520c0cb1ea5d5d7a00f65359fbbbae089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78751
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 22 Aug 2023 15:12:52 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-254651219-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 22 Aug 2023 13:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4989
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 22 Aug 2023 15:49:43 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 23:58:04 GMT
content-encoding
gzip
age
2301288
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 25 Jul 2024 23:58:04 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 15:12:52 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 b2bc712713f500af8be071fa65fa924c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
13062
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
znAO2P5mzbBJf_Mg-WyTpjdVFBr5B40bzGBzw_QXCBcHXLiZ442sfA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7800:a:e047:753:6381 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
Date
Tue, 22 Aug 2023 05:08:18 GMT
Via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
36275
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
RZhOGMugIS0CF-NrTfRk_JYQQOVEadgbgSAvhY0v2dtDvedm9kMlAw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30480
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ILI2XstBJYZcaAA5xkgI17aVijEdYjF%2B%2F7G1v6BRoJVTID32lTb6OSp%2Bd5CO55%2BgeLrnWTvtRHxwob6Qz42NOOA0titDv4Y6itD60jNs4012oKkwW15huQ%2B5SUtvEDisk7Zl0b79I6X8N%2F8v10%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fac0e78be972ba2-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
4CPGG2PB19G6Y493
age
3575
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7fac0e78b8941e5e-FRA
x-amz-id-2
pzeoRmaYqzxVPX/QWSecMhRQj0dlPfga3bg0/mAfT+rpR9SjPu4gc7A0cWd8tueqvYbdgP4fTuVEesK+7zuJ8g==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
49f431432d0a991b9430360480cf6759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=248689388305405&eid=31076398%2C31076475%2C31076868%2C31070233&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=22387492205%3A22857120893%2Cbewab.co.Banner0.1690326020&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250&fluid=height&ifi=1&didk=2291753292&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692717172544&lmt=1692709972&adxs=315&adys=194&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fbewab.co%2F&vis=1&psz=1080x0&msz=1080x0&fws=0&ohw=0&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&dlt=1692717172024&idt=487&adks=503788297&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d894ed8c055e8dc3c159d1b692d4d3c0365d901576bcd331dee477c46772cb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42789
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=248689388305405&eid=31076398%2C31076475%2C31076868%2C31070233&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=22731072168%3A22857120893%2Cbewab.co.Banner0.1687768959&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C320x280%7C336x280%7C360x300&ifi=2&didk=186364175&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=bewab.co&abxe=1&dt=1692717172550&adxs=989&adys=219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&vis=1&psz=326x0&msz=326x0&fws=4&ohw=326&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&dlt=1692717172024&idt=487&adks=726961924&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3557498bf36942fae9e543d9948cb135f96a95751af6758261170641cd34b8b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11986
x-xss-protection
0
google-lineitem-id
6361396966
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138442569069
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=248689388305405&eid=31076398%2C31076475%2C31076868%2C31070233&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=22731072168%3A22857120893%2Cbewab.co.Banner0.1687768977&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C320x280%7C336x280%7C360x300&ifi=3&didk=186364363&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=bewab.co&abxe=1&dt=1692717172552&adxs=989&adys=523&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&vis=1&psz=326x0&msz=326x0&fws=4&ohw=326&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&dlt=1692717172024&idt=487&adks=936287070&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2048458d4b3de4c4edd310d41c80fe05e454baed71df88ce20d34d1ca51a0b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26830
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=248689388305405&eid=31076398%2C31076475%2C31076868%2C31070233&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=22731072168%3A22857120893%2Cbewab.co.Banner0.1687769274&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100&ifi=4&didk=255310727&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=bewab.co&abxe=1&dt=1692717172553&adxs=650&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&dlt=1692717172024&idt=487&adks=612636109&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9927bfb66ff07054e2067c46efeb3e1449a0cbde713233fd68f0590989ffaf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9630
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E52B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:52 GMT
expires
Wed, 21 Aug 2024 15:12:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XDLCPDXTLX&gtm=45je38l0&_p=492375642&_gaz=1&cid=1245587961.1692717172&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692717172&sct=1&seg=0&dl=https%3A%2F%2Fbewab.co%2F&dt=BeWab%20-%20Web%20Article%27s%20Protocol&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XDLCPDXTLX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XDLCPDXTLX&cid=1245587961.1692717172&gtm=45je38l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XDLCPDXTLX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XDLCPDXTLX&cid=1245587961.1692717172&gtm=45je38l0&aip=1&z=1267376432
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer
https://bewab.co/
Origin
https://bewab.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 13:02:40 GMT
etag
"1692363760"
x-hw
1692717172.dop017.fr8.t,1692717172.cds214.fr8.hn,1692717172.cds157.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
35197
AVmanager.js
player.aniview.com/script/6.1/ Frame D0ED 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63d78a95feee817a470cff47
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdudE87Z_J-sBxid9p7Fz5AicMm0S1S3NTHq4RCBx9UBCCQN7Y3hYQwNqO_HimBau9yJrUgsOgrNFnTOuQJvXEb_MKp5f758
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Tue, 15 Aug 2023 12:18:43 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1692101923212281
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Tue, 22 Aug 2023 15:22:52 GMT
gg.jpeg
storage.googleapis.com/console-prod/static/1647248968103/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/console-prod/static/1647248968103/gg.jpeg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2eeafbf6e8c39cb74e58548f68bca84b2a785ae31e065f81b01247cb2bbba3a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:42:20 GMT
age
1832
x-guploader-uploadid
ADPycdv69ceaP8kkgTKWRQspTQLcnKzJ4LEmtWW3G_YX2xt2EDLAF6aRssqH3Gghk95c2s1W-7QK8CRYSICBUBM8e7QHqw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3945
last-modified
Mon, 14 Mar 2022 09:09:29 GMT
server
UploadServer
etag
"3e44c151a10676877ecadd43815d7c9c"
x-goog-generation
1647248969723090
x-goog-hash
crc32c=WKvvuQ==, md5=PkTBUaEGdod+yt1DgV18nA==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
3945
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 22 Aug 2023 15:42:20 GMT
collect
www.google-analytics.com/j/ 		1 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=492375642&t=pageview&_s=1&dl=https%3A%2F%2Fbewab.co%2F&ul=en-us&de=UTF-8&dt=BeWab%20-%20Web%20Article%27s%20Protocol&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1384598037&gjid=1329018093&cid=1245587961.1692717172&tid=UA-254651219-1&_gid=1804785126.1692717173&_r=1&gtm=457e38l0&jsscut=1&z=2107673005
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 		37 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://bewab.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
x-guploader-uploadid
ADPycduZOiXVoDEzR68QuFNwAgk-9dZOqlg-COBOtWvFm-aPe1iVC0xOmB5dfKRbNIAwj5Eu44yT10vOvYFUNaEzUCxr4A
x-goog-storage-class
MULTI_REGIONAL
Content-Range
bytes 0-12864437/12864438
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
12864438
last-modified
Tue, 21 Feb 2023 14:59:02 GMT
server
UploadServer
etag
"1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation
1676991542343592
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers
Content-Type, range
cache-control
max-age=1800
x-hw
1692717172.dop260.fr8.t,1692717172.cds167.fr8.hn,1692717172.cds159.fr8.c
x-goog-stored-content-length
12864438
accept-ranges
bytes
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbewab.co%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbewab.co%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fbewab.co%2F&rid=esp&cc=1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
92076460499b9d3354f22b00ff3e551c90499b77c139c5b5a56df0f9d81a4249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-9SdPK+4ESwn53UYFM3QPn07otcg"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bewab.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 22 Aug 2023 15:12:53 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://bewab.co
location
/esp?url=https%3A%2F%2Fbewab.co%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
syncframe
gum.criteo.com/ Frame 2C88 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bewab.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:52 GMT
server
Kestrel
server-processing-duration-in-ticks
286528
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2bf866a08b86c6f83921e870b1edb343d6a480e74de418dbadabfc7ada7b67b4

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://bewab.co
cache-control
no-cache
x-server
10.45.18.3
access-control-allow-credentials
true
content-length
60
expires
0
container.html
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BA3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:52 GMT
expires
Wed, 21 Aug 2024 15:12:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 		691 KB
692 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash
47b682983548f7d93efbd9418efbc83c57e0a9d810c5041548df280e9ff1eb07

Request headers

Referer
https://bewab.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=12156928-

Response headers

date
Tue, 22 Aug 2023 15:12:52 GMT
x-guploader-uploadid
ADPycduZOiXVoDEzR68QuFNwAgk-9dZOqlg-COBOtWvFm-aPe1iVC0xOmB5dfKRbNIAwj5Eu44yT10vOvYFUNaEzUCxr4A
x-goog-storage-class
MULTI_REGIONAL
Content-Range
bytes 12156928-12864437/12864438
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
707510
last-modified
Tue, 21 Feb 2023 14:59:02 GMT
server
UploadServer
etag
"1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation
1676991542343592
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers
Content-Type, range
cache-control
max-age=1800
x-hw
1692717172.dop260.fr8.t,1692717172.cds167.fr8.hn,1692717172.cds159.fr8.c
x-goog-stored-content-length
12864438
accept-ranges
bytes
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 8BA3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
css
fonts.googleapis.com/ Frame 8BA3 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 15:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 14:12:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 15:12:52 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 8BA3 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 05:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 05:45:19 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 8BA3 		368 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130842
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 13:36:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 8BA3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		34 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=63f464f674272ad1280cc8a5&AV_PUBLISHERID=63d78a95feee817a470cff47&AV_VIDEOURL=https%3A%2F%2Fplay.aniview.com%2F6229e046286f660f8b1f0456%2F63f4dc258ff49a7fd503fe28%2FEpicPlay%20Video%20-%2010%20min%20Extended.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbewab.co%2F&AV_CHANNELID=63f464c537fd0759ab083bf9&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=bewab.co&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=63f464f674272ad1280cc8a5&AV_TEMPLATE=63dccc3f6eb8444ea80a5d1a&AV_GPID=/63d78a95feee817a470cff47/63f464f674272ad1280cc8a5/bewab.co&d36=6.2.121&responsive=1&sver=4&avtoken=173038&omv=1.0.1&AV_D66=8.3.16&clsid=195d4564-ce18-474d-89b1-38ea8da27819&rando=24&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1692717173040&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63d78a95feee817a470cff47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.96.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-96-115.compute-1.amazonaws.com
Software
/
Resource Hash
063c75f38851ae9672f4648fd9fb7fe4a9f03b6d668fa43c0302e69dd210ff44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://bewab.co
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Fri, 11 Aug 2023 01:26:13 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=bewab.co&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.121&apppkg=&fv=1&proto=https&d66=8.3.16&clsid=195d4564-ce18-474d-89b1-38ea8da27819&rando=24&pid=63d78a95feee817a470cff47&cid=63f464c537fd0759ab083bf9&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&e=inventory&vi=100&cb=1692717173040
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sid
mug.criteo.com/ Frame 2C88
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bewab.co&sn=ChromeSyncframe&so=0&topUrl=bewab.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=iK0JknxwV2psL2Y5cGpuWEd4NGM5UWdWem9CYmxaRzdkdDQ4S25iYXFJb1dLOWJqd0s4SmJ4YkRmNWFNM1htMEVXcmpBM1gyQjFuK1BNK3JlKzZYUE9EQzhLUkt0b1FWdEd3elRMejdEVE8rZGRodFdRQlVTUkE2SUpsSk...
427 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iK0JknxwV2psL2Y5cGpuWEd4NGM5UWdWem9CYmxaRzdkdDQ4S25iYXFJb1dLOWJqd0s4SmJ4YkRmNWFNM1htMEVXcmpBM1gyQjFuK1BNK3JlKzZYUE9EQzhLUkt0b1FWdEd3elRMejdEVE8rZGRodFdRQlVTUkE2SUpsSk1kNDd4WTNlZjBrVmVuMkJicU1FdnI5Z0lGRzVjVTNCQ0xjZXM0b3dFS2J3Z2FNZGlQYkw3VDRibzdvVjF2ZGk3aFNyWmhkZldmZi8wU3FpSkNUNWNtaUNmRnZjbGtQbkNDdGJobEF1NWgrM28yRDhOeWM0WG85UGpSNTVUNUxwUkNZNDJPNUI0aCszVTJMWVNsQVloK0U0MEw5NFVaUT09fA&cppv=2
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
caf73cfb77b7e7839f9f7f89129e4205469c656bc5772bab1f4fe30d0d64a8ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2392939
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=iK0JknxwV2psL2Y5cGpuWEd4NGM5UWdWem9CYmxaRzdkdDQ4S25iYXFJb1dLOWJqd0s4SmJ4YkRmNWFNM1htMEVXcmpBM1gyQjFuK1BNK3JlKzZYUE9EQzhLUkt0b1FWdEd3elRMejdEVE8rZGRodFdRQlVTUkE2SUpsSk1kNDd4WTNlZjBrVmVuMkJicU1FdnI5Z0lGRzVjVTNCQ0xjZXM0b3dFS2J3Z2FNZGlQYkw3VDRibzdvVjF2ZGk3aFNyWmhkZldmZi8wU3FpSkNUNWNtaUNmRnZjbGtQbkNDdGJobEF1NWgrM28yRDhOeWM0WG85UGpSNTVUNUxwUkNZNDJPNUI0aCszVTJMWVNsQVloK0U0MEw5NFVaUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
220173
content-length
0
expires
0
csi
csi.gstatic.com/ Frame 8BA3 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llmg3lu8&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8BA3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
273876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 11:08:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8BA3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
493477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 22:08:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BA3 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C1PAEdNDkZMmzJI6CjuwPq72k8APM3Ozpb8KltMHfEcCNtwEQASD2z6aTAWCV8v2BlAegAfeb7eAoyAEFqAMByAObBKoE7wFP0EMkENN9Cdti3HRwLttuN5im_JYFTsDRdM5EDXBj3y6xaNlCwjxkiNOJYuZbfreCMW54WryfjJA8VQ_aT6F_YwzencSfffcTru9iwQXrjYxeta6BuSPfnNHeJ9fd7tajW6z8W5DNXjoZS2tGqUll-fIFQoNsqT0qA5TlHSfpE-xul0KYx5YZGvdGV4AKh2ULNX5LuyfcgHY7SBWV-qWVB1frCRQv-1OkVx6ycqNg0MeTxKyA3OHy5tQUPGGs9kEyEbKJiwtRauTHCDGAmvo4bBpN10p9Ku80RacQCLL2WkN-iasq4SnPjdTlZUSatMAEv4f78IIE4AQDiAWIieaTQpAGAaAGdoAH99O9wAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBOP8boU0BMA2BMNiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1692717173083&ai=C1PAEdNDkZMmzJI6CjuwPq72k8APM3Ozpb8KltMHfEcCNtwEQASD2z6aTAWCV8v2BlAegAfeb7eAoyAEFqAMByAObBKoE7wFP0EMkENN9Cdti3HRwLttuN5im_JYFTsDRdM5EDXBj3y6xaNlCwjxkiNOJYuZbfreCMW54WryfjJA8VQ_aT6F_YwzencSfffcTru9iwQXrjYxeta6BuSPfnNHeJ9fd7tajW6z8W5DNXjoZS2tGqUll-fIFQoNsqT0qA5TlHSfpE-xul0KYx5YZGvdGV4AKh2ULNX5LuyfcgHY7SBWV-qWVB1frCRQv-1OkVx6ycqNg0MeTxKyA3OHy5tQUPGGs9kEyEbKJiwtRauTHCDGAmvo4bBpN10p9Ku80RacQCLL2WkN-iasq4SnPjdTlZUSatMAEv4f78IIE4AQDiAWIieaTQpAGAaAGdoAH99O9wAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBOP8boU0BMA2BMNiBQC2BQB0BUB-BYBgBcB
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8BA3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llmg3luk&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ex&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8BA3 		28 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C6c_PLx7AemRCZVzaUym1wBoNVB1rIL_-D1O5XWZCZVFcjW5-maHS0InA0r5W-dwRUM_3k0EbD6piZkAEdMbT0mZcL-A&cry=1&dbm_d=AKAmf-DqQAgKrOKhZnDspnre9upuO-EsXsAAyAer7TWRtFlA2POP3AzroxVuzoJ4eWJw7-fGu58OuFWjv3z0RRMw1YBTt3pgvJ4ux2Pj1ym7ZAjJnrR6BNz1hIthjO01l1l_QqtBedIBnHu6yQ9BhE6bFnGsPf8C5ZVHnJ7yOlOaaE1AcenlH0KHtc1K7flnrlq8mDJlaCg1ei4Bw9FS81ZxN-zfYWzTODhpC9si91Zn4XBV0ehp6XTBBQHLi2KbMWH0l1cT3ua2QuoUh2AkHBwqB9uyMaTQyBLa4gYld2MdsZt8WajgR1enRey6gCLLfpiYkL0BGl6YS7sHtQN_rDfByipO-isFyodg1WQn24ufTRY7HH9ySZM2bPR7FLYjnivC1GlwjwUvBLxmMm9HP40JdxhzrqU3CgtNsNnOfjyCOEY9PrX7Ch_AH7TIw-2shg20H98PCC9IczXuMlaK1b1uiRp0yQQeBzym0rNLmB0_29z4w1xA9yexrHpHNEtJVBXZZdEF5dCFdEMkmrW0TOEyM8LJkmzZmJUZpaM39uM9V4S2HYkv3_AFn7il42Ci2jGxwIa66IGnfKxujxVq6DrxblLCjwe_lbrqbv6aZkjyYXwgoKl-zjSMzX_iNZ8DBGSjJnfOi77VYhZqCrvkSbYnLvXf3rxwJ6WMCwnXMR1mT_FwRdCw5e0OQ3duxJ06Eo-0IM7gdS1YUsxIASbPPBk6Zuv8OqYw08OatPdqRnCte6e34N00VANQ16rlxFFrlcRsPVzBjWJlzxSsyLHBWSYoI559qIgEkBWyLJB2zDx1zl0BBsKhx8_nBhdGxctc26f8wf4MCBsqP1x82eryHuvK8mylaBMe91ELwQFpeqyYY-wxBxj_ZuFWA12uolbDG7HpItNOcL2Pz2cU5a161t5tNc1bU2HHb59ebG4hb-12qji5-MVseqEMqST55RhsavsBc-RIIa0OxJHZ5J2RE61cnGc_VCIcuWytwaEkSy8R1Ebz8ivBBNLPi2aEvCt13SMePORG-s4KCm2JyRh4K0ArovQngI5A3TEi8tnMO11vXnLxwf0yGGDCNoFn0E1TZeRMdUTXV7XWU6dMsuJX497BRItbx8BVpbNZ-2SDoAsz77B1lKz6Np1OqwPZyqtFrJUJ8Mf2__8quv5EKUNHhW3G7MuDFWU0OVuJC1TIJkmHdYa1LD5DSAntCikyWI7yjEqA-_1WQY1mvLQftCIp0ZhE39kxNcs_KbwtcIatSJPe-wnf3n-JmKjz-8bvtxQmjKQohr2f9UgjYskFFt_t7SeyNWhQ748anvZLIaWiWSAql5cWtEDBIWKHICrlx63rVsGPMg-6Lv54_NBecXfGTznWXOMvZdqnb5kRKmE5qRzpZYUrgR9qyusAzeiy7NiPwuKNGDD75Dcp3Of8l5fJbO5oHgdfSGuwThFW9c0dhe1_qXaKZZsdIA7_V_A9rkGeRQBNbE2L909bxziiOx60kcKLvbMsJWUxxmGbbS2CVSwiVp80vckSh3rizNY8BgFlj5WUbRVia28r97qhlHjIctFEEnXTD_cL1XH3WDXo4n_EFCmPuJnE_oX_It22j00STneas9AfUjdZiZlDIww589tO-coIx9eiBahKo4RtBcGW6Xr7M8YugMwzMSK1VKYw7f2U4KGcm-E_ZVusiWvm_5Enz0pSIBTTtloZ5KPpTPO78mMHukb0ujGenHO4fdtskY8mSrfJGQ8Yv_kqsB3GtF1fYrbn6CTTmqDV5ciGUh7D3zjzdDFBp1h505en6kICenlUjtnS0_DRGA544oRJGbevYreDrr_2K8aXGbbagANYJFyKwdm5ZGfju0JQiwbT3pQCF3qZrXKIS9WCGeLbaDByoCiezdA30Iw7NGJzcVkURIN3hmi411xaovpuOdgb_bJWb9pxZMfTeJ6q4JS2trS0JaMZsZHPP8aSe1MrQbM3Gtn-NkxIj6uCogilz97coqUqUM2znCbBYZ1L7nRwwK5Ss3AEmuYmGSyiMjozanr_Rp-1HtdD6eQqxUduRBycm0jD98bSh1z0C5ONHLQFesaMqXfyWmCYSMKDI0IqTpVx0bR1PLsz_lHLZbrP12CbSJtJLvk64pXnW6HT5aR66qKXn0xbGwl03XRZyr6XzzMk2o_YDg-l1Sxs-xqEXyBJpVDujoFM1L0JX0aN-EBcoC5tHVNe2GBZJX4koXuZ_p_bBnyHWw15B5QXwkt-6PDbWRf9B1OGDEc74Gmpc2tD7w_zsGlRindk7gQC1DeKKB7zTrhlMuuxfyhH3mTZCHNa7dMk871F8DWGD1mgP6xlIrNMSLuVefnkNuc0tFtl479qMHcxO6X60JbAEmlnHSsj_XvKNDTlAsc6gfL_zuwBpt_p6GooPCwP7aTQW1tcfGfoxo8o5DnXKj5HhXPXXowKcYzYab-wR41jxomdILSS2hdJ98x-KMNDo2WcpT8WQ_fFmMB-ag3YBxp7Y7t7rzVyWzUws_9bCfcUE0vfp4S8lL4_6p7z-mmrMrdCACl80o-X4JOP5UQgRsKeeoTWEODIgPVCOCkBQWpyGh9oa0VfvVqA3FXYC0xNJaPIy4fndTYQD6Qf5S5t7wDEHxsbNHxNAnO1Ls24eH9HU0W0XIbG4fiudm6rqga0RC3PmHM-EgqNAVLcHgyZHK49eDMqo333EB5UpDy3bObKIwbK0bMe0q8kOBPLKAmqU-e7rVZQMYfDBtfERsskodo3xl0P_7x5Qlj08-ZVSkffmcE6YfRy8zrSC63K-QhrMxbFk_5H_9Kb3x7SpHd-SwFMFaYLeoDkdxA6FfH5_mu2bU2s9TOXPc6opxhy7OgV-wrv0fYHsm2HGLHESyPzWq1ltOwntnVz6plrjP8G5j0OnzHbO0X1vxp8kOXJ3By2dvk5ZcxeEK4u3K8AAvg8ttlJGRzhaVpwJdTbpjReOQ2DAPI4lLJkh4I0Hwfnk_j8Rzg_8eLBdfiE8dUFVkHmKDND8qrCLjSsdx3DuerGfByHK6MUTSw2OdlqfDFPoWXRheLArtZuvtME6bAXG0r0c9Tpik5n9HZlfeU2xXaP7Gy0vLTlTQ7HUqdfE-mddrHI5h2I6ux1bhX_Wm-gWS_DpGCzTsHTxDlqv2-8WVWyOjaMceFar-77ZtYof30BIhCunhatI72FjKk351a7zXeQvychceiSjofAgmad45weQNeUth34RmdlhwdaXFSWVwgL2qV77ue4HkpDOXtHOYGbpucn5zKKX3NBGYX5Tz2MXfRP0fiQB6SMQ3fHBUqGKHcPD-ZQWxuBkPxOHFJgeFb3SvAzI7ojU9VJQ5_rUtpLTHgjse0Ru6n0FpxS88ExvJi9j5r_uo3udU61Tx0XRE_uSza92QPeoK-w_q6Rky9Lcus_QZT-CM3_o9dYJ75l1_3g7RuoeGp9BHwMwrow0_sGxMQm1-BKpbt8ZcWZKNfB-h6p6vO3yJ1HOvFj62x6DJkLqJoE4GyxqhiMmV2g6_YGcjQjj4PPwBQW3RZBu9ofn3edOG5Imo76h0NQ00Uu4Cgc8ELENvLLrW4GvuDKLVVRNZA&cid=CAQSTABpAlJWhDpbh4r9ZUFXR0_Y3vp-l48jwUMUCS3Zj15TTlNbmgjNU9HyQ2ehM99BQq6QJrdQs6SZRxTjhy-85c1Ch-nUT0dmsPH9MQMYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
cafe /
Resource Hash
ff0184bcdd0a5de59b5ae6f4b1ca8d68e0e6661845b521a3e6efc3b63b21deaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16457
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8BA3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f32f632833ea4ce5973e916e262a4b1cc0e4f229396d2cc129be5522ce7ac2c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
EpicPlay%20Video%20-%2010%20min%20Extended.mp4
play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/6229e046286f660f8b1f0456/63f4dc258ff49a7fd503fe28/EpicPlay%20Video%20-%2010%20min%20Extended.mp4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
UploadServer /
Resource Hash

Request headers

Referer
https://bewab.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
x-guploader-uploadid
ADPycduZOiXVoDEzR68QuFNwAgk-9dZOqlg-COBOtWvFm-aPe1iVC0xOmB5dfKRbNIAwj5Eu44yT10vOvYFUNaEzUCxr4A
x-goog-storage-class
MULTI_REGIONAL
Content-Range
bytes 32768-12864437/12864438
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Content-Length
12831670
last-modified
Tue, 21 Feb 2023 14:59:02 GMT
server
UploadServer
etag
"1d1ced0dc744bf51c386bfdbdb4f912b"
x-goog-generation
1676991542343592
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=pMHE4w==, md5=HRztDcdEv1HDhr/b20+RKw==
access-control-expose-headers
Content-Type, range
cache-control
max-age=1800
x-hw
1692717173.dop260.fr8.t,1692717173.cds167.fr8.hn,1692717173.cds159.fr8.c
x-goog-stored-content-length
12864438
accept-ranges
bytes
e38937dbf8202c144802.woff
player.avplayer.com/script/8.3/v/assets/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/e38937dbf8202c144802.woff
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
6a156519b783c083e2c25ed5c49c00dd956d6be26a347ef09a77221abbed33e9

Request headers

Referer
https://bewab.co/
Origin
https://bewab.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 13:02:40 GMT
etag
"1692363760"
x-hw
1692717173.dop017.fr8.t,1692717173.cds214.fr8.hn,1692717173.cds203.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
36526
container.html
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A34 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:52 GMT
expires
Wed, 21 Aug 2024 15:12:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 05A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:52 GMT
expires
Wed, 21 Aug 2024 15:12:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 625C 		624 B
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNVYrB-EH6DLdc_OuPDIma4YSZGQCKA-69NOWWtLJV0eOe0kjkEvLCsOO_j9YKr1LZ3JiBtMy7sHcIBxoLlJq8SSdFBYcxdYs3cQIgs1rHNbIPon1DgmBRMzbxZ6ZD4n0bDNFIOPPB6ndwO5p6oCOJhiDEpcaoEJ2zT9TeU18QchdIiBWns
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:53 GMT
expires
Tue, 22 Aug 2023 15:12:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5A34 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A34 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzwzFAdzHHJ6oaWKviqE-DZ_CRNvEVp8476x79fFFIAlB1ugvIFeMOIXBdDWMLzj4VKcxDhddEVdOKFFJSSdlO4lTZ084sWltsDHQ9GMD6o2qFlF0
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A34 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6398770887915768952&x=1&ct=76
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 5A34 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
1875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 14:41:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 5A34 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A34 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:53 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame E918 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 22 Aug 2023 15:12:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 05A8 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
79026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13552
x-xss-protection
0
server
cafe
etag
17023098769855550506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:15:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 05A8 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 09:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
192564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Aug 2024 09:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05A8 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 05A8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 05A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
1875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 14:41:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 05A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0QPYdNDkZMmzJI6CjuwPq72k8APM3Ozpb8KltMHfEcCNtwEQASD2z6aTAWCV8v2BlAegAfeb7eAoyAEFqAMBqgTsAU_QQyQQ030J22LcdHAu2243mKb8lgVOwNF0zkQNcGPfLrFo2ULCPGSI04li5lt-t4IxbnhavJ-MkDxVD9pPoX9jDN6dxJ999xOu72LBBeuNjF61roG5I9-c0d4n193u1qNbrPxbkM1eOhlLa0apSWX58gVCg2ypPSoDlOUdJ-kT7G6XQpjHlhka90ZXgAqHZQs1fku7J9yAdjtIFZX6pZUHV-sJFC_7U6RXHupzKUTY1T32PlEZLZkPGB7V2_Ai-2ORJbsMtFhO7kMBGJglW7denfhaZ1MyXcbn-8SQXNx2W615f0EIEGjEj4RxwAS_h_vwggTgBAOIBYiJ5pNCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEKjQIRjWvNjxAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGwE4_xuhTIE_aY6-AD0BMA2BMNiBQC2BQB0BUBgBcBshcfCh0IABIUcHViLTUyMDA3MDMwMTkyNDU2NjgYzoeGAQ&sigh=Hxgc27UKVvM&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWhDpbh4r9ZUFXR0_Y3vp-l48jwUMUCS3Zj15TTlNbmgjNU9HyQ2ehM99BQq6QJrdQs6SZRxTjhy-85c1Ch-nUT0dmsPH9MQMYAQ&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8BA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0QPYdNDkZMmzJI6CjuwPq72k8APM3Ozpb8KltMHfEcCNtwEQASD2z6aTAWCV8v2BlAegAfeb7eAoyAEFqAMBqgTsAU_QQyQQ030J22LcdHAu2243mKb8lgVOwNF0zkQNcGPfLrFo2ULCPGSI04li5lt-t4IxbnhavJ-MkDxVD9pPoX9jDN6dxJ999xOu72LBBeuNjF61roG5I9-c0d4n193u1qNbrPxbkM1eOhlLa0apSWX58gVCg2ypPSoDlOUdJ-kT7G6XQpjHlhka90ZXgAqHZQs1fku7J9yAdjtIFZX6pZUHV-sJFC_7U6RXHupzKUTY1T32PlEZLZkPGB7V2_Ai-2ORJbsMtFhO7kMBGJglW7denfhaZ1MyXcbn-8SQXNx2W615f0EIEGjEj4RxwAS_h_vwggTgBAOIBYiJ5pNCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEKjQIRjWvNjxAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGwE4_xuhTIE_aY6-AD0BMA2BMNiBQC2BQB0BUBgBcBshcfCh0IABIUcHViLTUyMDA3MDMwMTkyNDU2NjgYzoeGAQ&sigh=Hxgc27UKVvM&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWhDpbh4r9ZUFXR0_Y3vp-l48jwUMUCS3Zj15TTlNbmgjNU9HyQ2ehM99BQq6QJrdQs6SZRxTjhy-85c1Ch-nUT0dmsPH9MQMYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 8BA3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llmg3lut&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8BA3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 15:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 15:06:37 GMT
file.mp4
r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8BA3
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469810A5BA98F1275C5AF223409E97741F320E39.6110DBEB5DAC3E686AD2CC9F51C0EEAE64B4353F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
HTTP/1.1
Server
2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:53 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2762021
Last-Modified
Fri, 09 Jun 2023 05:04:47 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 22 Aug 2023 15:12:53 GMT

Redirect headers

date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
654
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
location
https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469810A5BA98F1275C5AF223409E97741F320E39.6110DBEB5DAC3E686AD2CC9F51C0EEAE64B4353F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8BA3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llmg3m24&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.md~videopreviewvisible.mh&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3ETiSa83ib6Hc3rvlJMdgw1LOgbuDr-vbBfh74nNVvJNHkmCkGxvgmIloKqnsrLpUKcA-lLvqBeFosJYyaPgzussCFnZ5QUR=w1200-h628-rj-pd-pc0x00e9e9e9
lh6.googleusercontent.com/proxy/ Frame 05A8 		220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/3ETiSa83ib6Hc3rvlJMdgw1LOgbuDr-vbBfh74nNVvJNHkmCkGxvgmIloKqnsrLpUKcA-lLvqBeFosJYyaPgzussCFnZ5QUR=w1200-h628-rj-pd-pc0x00e9e9e9
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bcb58fce353ad45fa0174595ff691762a6c8a822bcfab7282cf2162d25d3d5a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:56:35 GMT
x-content-type-options
nosniff
server
fife
age
978
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225233
x-xss-protection
0
expires
Wed, 23 Aug 2023 14:56:35 GMT
2904015124725607210
s0.2mdn.net/simgad/ Frame 05A8 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2904015124725607210
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c259a4238c10ddf51140bca667633404eb18c266af607f04f2d8a9cc9f66ac5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 01:00:53 GMT
x-content-type-options
nosniff
age
483120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129717
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 15:21:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Aug 2024 01:00:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A34 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8003735914450&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A34 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8003735914450&version=m202307240101&ct=76&x=1&cor=6398770887915769000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5A34 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn8yWb-DNPJ-ND3RMFBINDvW_D6uwScTx8UKN3oklD6lVDiVOZcxLa4t8Nh_pRRXF7GfWyDmwvofLo54yIzz45l0KmLJqGBcpq6C_7L6p8PP2vfSR5ucv6gcmd10Kv_331lKyJfB1ZX8r4tJ_jMQ6FOEpPwhsz70tNnSoYE_DDU6cyvPo&dbm_d=AKAmf-D29lLJg6w03o1MhYbv_WwoB_lr_zd9XRcU2rVNB6novYtp2ZbgxUp3crfh2OLi-nNH5W6PijFHsTNd7fI8BQSTGkcy6lCpKAuTB2P_IqEJRG5NXG3v5h-dvgDIx67yEYwLWqNz_vytOjoKg2YQ-Cwhk5VlGx3ngiUD5u7gGGvZaKlFvcOzVSek9IqqW4Tw9huWghh9iQvt8Ed9v17wuh25PQZAAldK17Mc70DgDhUxiNOiO7C9EUABpcDLcm1sizH27ScyO0F040gthviqetQsCSUdS9oss9I_3gz_9B7G7i40FLZ7F7lxVVRg55IOOcSotz6szukNfW0uF0muwZheAJfJA1rOWV-7suXb61LPsQHXJcXiJWIKzvGRg6DLg1KZK8xAhtPKRMofrIdb7A_t7DOScwfWy2o5oxo8PHYBr-7xx-zFo1jQ766hYc0gEjnQWN7sFn6tQYvDGzraFHqFsgI88HUkewow8BMSA_k79bMfZE2jfXM6j6aBI3-efjzLeJQNt2zcC4jhP9KM6x_a7_GjeXFtsNQuH4kk3jPSLT1zplF4NOszdOM9tQEOMhRisJqBslmgz2bN9ABS7sCLekD8zqlBv7SqkPblVM9BST8eAfw0zc6bRgTdkjTyvmcbQkAP9Jqy0KQFAFDbwvfkZw-7-dPH2qnAurtT4n-vXBjPF1py2FOu0POsw_yYNi4ysGXjf7PSakFRjc-XQuUoroVenPUWHHurRKi9kK0QPMo0IaYY-jMBSOR76zuG4i8-lYXr1-OdeE3kTCYsbtt18F3114AY7FwfB8vM83KKR0Vy76dwFdsSquG2A8KaiRQdLMH2e2Fo6yA5AdFfYPssSXcnKu1-VqruQUuKvsqd_wFrSAI-X9vnQnq3mBqo6YrpTh9xAdxN_HrSazFKvpzXgdLU3Qx9cf_9UMD0Xvs74lgKXlhNn82d3NRnISOoxDY7PVg1KAvAxoBj6rcK13w2WrDG845vXZfwbw0g7P9I3BLZMYAi0TZtWnp4LKHS-s08xuLrGhTsOK03QM2q_uOAjmRrq8F3a7CWVZm1nWOFVadx8mPUPQIzcJYWFF8sX-2I_6WPtgJlGWaxYgPSAEW1QfF1CJvUx23QVqsLCL3-FqEfgdHYjGLhIzX0Ss6UZyFLgN_nfKybfPnq8DI3D1RZiYQAYvBCv3VDe8KjeiqS8paOHszerk6a_XsNldvY6b_IgQhVFjC7UyNOsIcFH-ranaGxSnCyYkvQKCqjGSwBM6HDljLhldf_4ayBKPGCL1sa7FwIn3kh71oa49kLjlaUBFERIv8bby0EkHOzTsoe6zpsrl6Tzn8-x9DD_H-2kSspS3FCXMeFqGgligl0UO4TTmT1MdEGFl9ZsuyhWJvtZrEUMJ1eWOuyRCu_mQLhISletDlqJ1ngvLIlWC16ZL9z1S16GkRkRn9LE87Z9p_vXBcHj0FTEzGprUJxo1D8m0OepWM4rVk5FoQEQt-tWmKayVjxr34P_s0pqbJpSHo9ha2ehCkt9gkTeCWTNXcuVDTOtARcpGmVml5IjMVpPk3zRpR3YZbfJyK-U0y6pPLkGNgv6wNiSvP6T1lf-AHKaZoZefBRjPSkTeNKgQbi03RlvUXnIAVqSEoXvn-1ccR_fqrKpbcMXvmqgxCdfB3eu0KEVuusARRdHW4p2q77LHqWj8iXTX4tLyhhMj8bYiw1hvvjafcN1J-vG_VDxrORvKkMTD1Mg6MSPiQ-10Gl1LBmlV4WK1-n2W2KyoHPksmNcmoeL2SZZS7cHkAK9So2ASLYOPZQ7CALhgl5Q6V2aAwmIPPD7ogg8a65zlijRw10FStfKQGZlL20pbv2QH0TxBsHZRodUMLFm2ElkLb2xVybTG7xHtlPbiy75VcSDWvdDK_TLfgdtIM5DHUdX6qftGNaJypUopqIm4Pt_i-WJ868wbxWjKIOGU_BCV8CPHFRdgbCYAev3WSSYpLPeso8v7E9aPxvOYz2JNUHeBcp6QNykIntU5_1cqRQW4W82ry7EUIr3GD2LFUhOAn1YiHM5GPEZmULXM6-43mNJDftfsE0qiREAgIuqHx18106-EopRBAdCMFNQzh_4MOHKHXNXyzc632MUkKL0PksfJI-qKZmZMjTNqxTH_LRTJryl-o71jKefh7KCZ4OnQpspxOCzNAu_g1YWxqRtsLb_WeIY_cddqP4dzhjO3R0-1cylrVMTxhCRQ67MOMdE6DvDGNcxKzaCSphT8C5EOeMimy2Ese234d7Yh2qHF-5isohRl5CM4KYO2yYzP-bXevGdeiqzXk7PQu3UdDWn5l6PbA9o4200OL7CfmH3SMxCGT-zm66NyffyAjv3mf2dedhZijUedLsyDkIJPunJ36XxxoqhvnVsbMhIq6cWsgaiiVTHGchnFLvzI9q7WPXRyOABnOuqkJkUhL7ZEyTMRmbfSTkYTqo823xt5xR8SLK1Cbb3qqsCViDvZdFvOecvKhG0nLEthiANNtKbGqLieVQ5jKSaof9P1wtjcHY0h9W7yIJT7sCToC2arG1Xy3Chv5G8iQElMQtnQLbIU68Swzne1ZwTg7cnydcRj4AJTitw2xqelfL2mfrBW4n3m_jGzbaqwMktth_HUiCXFQfEZ0qBBj7z8x0EIf7G6eOf4tZQY3_UKbMzBLEIO5sgN1YiF5CNEnphFxd8POKPou85h797O9dpFNbQ1VlgyX3ARZZDiO4Y1cQr3XmBz_sCJ7shtH1-Z-O7EfkTzBSFsThC-Y_o0ZeZ7XS9i4-n4-UhbYh-hZ8_y_-QUlnqG5XTDB7dy6m0OOM3LSBYTBWO_ymJLg2nG8rxe_GM8BF0XtD4FqcUx4PCLc8_USrf-gB6oqcNU_YSyrtm3_FAD9ryWj_LOwUY3MefgOZCFB86yDl1RufYLKODGFSJ9uY4KKsy-dqF88Y7A9r4g1Wp0zyiDDDZR_srOeQHvnhG5v-sJeOQzcPT1yfCDaE92ra5QZ3Ckw8MzjEZkAVZkIgMACfb5j08pGDjXKwjLuFK_EZiCIPeJCXa2_140KQ5BgCWVdEnq0O7LhiN3P07jA1X5F4gl4hBSNj6rvUgvte8jLQ2ABmkPtH0x_A-y2osR35XsOGxX_nvTPMjOjPZ3CL41rHBD_GaXatNHx6NuezWCCRUSDqGizMrjvIU3PVmpfJMSCOtvG0uamI8aOnbySupt1MVIUfVedDih_XavhR4zswADdD_xN1gJ_e7Zf43010iH5-gGDZLkZbY2cIi7oCWr9Ra8qusHzybUSyEWzzVM_a0PkJ0ixajtdea3OUh-yKwRR7Vfi3yzqSaMWpvtzKNrNd-75rAqu1EYSkkT6iEKQERjF65aRLeSgOSi3A0VHv1yz7XBoAY9bjuFAHtVfj1sMOBrLVQqSxJDS5mEhOtoknCHvlTPsDm2AaOUFJmwrCT_7mZVEK-f4wD7LH3zthNxCCmbquztb3OEmNDe0rhJPUcRpHHkh6Lv_VkzqSWs-UEhpFYqM3A9zkniX1XMnHt7-zWP4ZU4ucFz2uvP9GZ2vW-KRQ5yBYIXM73RF7A50AwhA34Nxe-qf-V95-1-T7JCtp0kpQZmdesD3iA6-E_pQlUr0Kxit5Ghg8_7JelsJ3FhkZiNG4sHIdWIpxCVqj4mUjKeUOhhEOBLYJjgZLplbWm6VdSuqFWZe5fPfrrPKqvAo&cid=CAQSTABpAlJW0JNIFRdHfUWD9jkRm9KfMnrScoCEngHHiThpYINBRH1ibksEjA1-k4CrhEQF3VSIBCV-eVvPUQV86E1OVXbCRbm8FErhCAEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbewab.co%2F&ds=l&xdt=1&iif=1&cor=6398770887915769000&adk=1964084972&idt=97&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9729ae97f8291b9390b5c1c788bdb4a89bd31780831930c726f5604ed16a2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38806
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 625C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNVYrB-EH6DLdc_OuPDIma4YSZGQCKA-69NOWWtLJV0eOe0kjkEvLCsOO_j9YKr1LZ3JiBtMy7sHcIBxoLlJq8SSdFBYcxdYs3cQIgs1rHNbIPon1DgmBRMzbxZ6ZD4n0bDNFIOPPB6ndwO5p6oCOJhiDEpcaoEJ2zT9TeU18QchdIiBWns
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 625C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTQdTTaCGWnmtdMMEnXvgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNVYrB-EH6DLdc_OuPDIma4YSZGQCKA-69NOWWtLJV0eOe0kjkEvLCsOO_j9YKr1LZ3JiBtMy7sHcIBxoLlJq8SSdFBYcxdYs3cQIgs1rHNbIPon1DgmBRMzbxZ6ZD4n0bDNFIOPPB6ndwO5p6oCOJhiDEpcaoEJ2zT9TeU18QchdIiBWns
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGnRB7uXrJAYITLrUorGMjc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 625C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1fFRQoMHFxg5ebEYz5UpY&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESED1fFRQoMHFxg5ebEYz5UpY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNVYrB-EH6DLdc_OuPDIma4YSZGQCKA-69NOWWtLJV0eOe0kjkEvLCsOO_j9YKr1LZ3JiBtMy7sHcIBxoLlJq8SSdFBYcxdYs3cQIgs1rHNbIPon1DgmBRMzbxZ6ZD4n0bDNFIOPPB6ndwO5p6oCOJhiDEpcaoEJ2zT9TeU18QchdIiBWns
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
an-x-request-uuid
65285c2b-12c6-42b5-b30a-3447a8728e1a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESED1fFRQoMHFxg5ebEYz5UpY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 625C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NzcxNzc0MjkzMDk4MDk4Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NzcxNzc0MjkzMDk4MDk4Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY4t3jwAEwAQ&v=APEucNVYrB-EH6DLdc_OuPDIma4YSZGQCKA-69NOWWtLJV0eOe0kjkEvLCsOO_j9YKr1LZ3JiBtMy7sHcIBxoLlJq8SSdFBYcxdYs3cQIgs1rHNbIPon1DgmBRMzbxZ6ZD4n0bDNFIOPPB6ndwO5p6oCOJhiDEpcaoEJ2zT9TeU18QchdIiBWns
Protocol
H2
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
an-x-request-uuid
4590f778-1421-4909-8cfb-e360ff9e19e4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2NzcxNzc0MjkzMDk4MDk4Ng%3D%3D
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 679E 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
589258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 19:31:55 GMT
expires
Wed, 14 Aug 2024 19:31:55 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame E95D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:08:14 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 05A8 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25f2e84e9b0964761412e1f80cb1b48216743506c2749ed5f0df3dc3c38ae3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0295 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaeF-1jjODB05GyVBM_8gt5ssC2bRr3RrtRiDMno7Ft-TBODM6Ue38g5t5XrrP0cP5MugCa35ybahdU0tTPgCx6a8w18RYcEqsrcyqeDEYI5h4Qsd_Ee9RhCZUrTBEZzLMng_sXRlpw2HeTbv6SABcakstWJey8l28I7RshDU238IXKzzeBqUhWF30qcXXhm26RvArk8mdn7WAHDpHftahbr7wAAH2RKoFbpccJM0G2qzAAC22Yxml3zGK34mQ0EK-4xX2SCbeiwxBGGwO86k2BQBMGOUqYaU9_IX3yxNE89IMdIOjA8l71F4BTIeRyFu9BTvxOvFGQQqw0NtSZx_DeQ&sai=AMfl-YT5BPR8CyMtK_1mP_y0mcEQ9gDsyOlMkJvzvJBIiezloj4hvwm9o691xzddqfzBI6o042SXbnaoIwzbo_k1Vh174zGgSX_QchgfT3TvTc6aTuIm4xW4NsjKQWrTl8sjansrbBed9vLSaWKpnYuu&sig=Cg0ArKJSzHs8U-wRNdi9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0295 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed422d718b8ac9148df79dd6b51623a846e0ae15c53f34c5841fb39517e1826b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29454
x-xss-protection
0
server
cafe
etag
198 / 19591 / m202308170101 / config-hash: 1333500184187641948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0295 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:53 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CY-tkdNDkZN7YJcqTjuwPnIirMO2cuu1xx9-lk9IRjb6dtZ4_EAEgxfDOhAFglfL9gZQHyAEGqQLX3YNie0yyPqgDAaoE4wFP0K0JG7dAxzvIxJ_J2rTTTxkbQNIYfiIQeQfrc03QAbM2E947oCpSUAllP9ZbtAPEQsnLD1heH6E_9-ZpNxqESASBil7AybexFq_rQa7hQ71WdgVqhwo2Y_5CXhOVPPeqYLjITTwiSO-u_K4JQL1WzJYqqIPXhx1frf7GdX3pgsuECEC7Mw3jeabuQrz9HV0F_krQFTOvDzimosAiCqk48nqEppp6GRbf5nVNUSsLEB1J3xP94um7jEurqrMVGrTaeMyNDbgRhR348jjw3OiQcQTCGb-M_M7nxumfTvLCLUHTL8AE8tXQpbME4AQDiAXB5_b6S5IFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHjo29hAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDz9xMYjIHe8QHSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgl_aHR0cHM6Ly93d3cucG93dGVjaC5kZS9kZS9iZXN1Y2hlci13ZXJkZW4_dXRtX3NvdXJjZT1kaXNwbGF5LWFkcyZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249MjAyMy5kZS52aXNpdG9ycy5kaXNwbGF5LWFkcy5tZWRpYYAKA8gLAbAT9du_FMgTocyn4wPQEwDYEwrYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzIwNjQ1NjU0NjY2NDE4ORiTonvoFwE&sigh=T-rkW3yl1pE&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJWx6meWn0wSjI1GU-W1GCEiSc_OiOInTW5CzjyWvHxMI1jvIfGja6uCK5E-rjYNOw7ptEGyZq2lXzIezNqddfje-ehhYdIRxgB&template_id=509&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 05A8
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CY-tkdNDkZN7YJcqTjuwPnIirMO2cuu1xx9-lk9IRjb6dtZ4_EAEgxfDOhAFglfL9gZQHyAEGqQLX3YNie0yyPqgDAaoE4wFP0K0JG7dAxzvIxJ_J2rTTTxkbQNIYfiIQeQfrc03QAbM2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226447322890227767672%22,%22debug_reporting%22:true,%22destination%22:%22https://powtech.de%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226447322890227767672%22,%22debug_reporting%22:true,%22destination%22:%22https://powtech.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%220%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221825803911352049345%22}&andc=true
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Server
142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"6447322890227767672","debug_reporting":true,"destination":"https://powtech.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["0"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"1825803911352049345"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 15:12:53 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6447322890227767672","debug_reporting":true,"destination":"https://powtech.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["0"],"4":["08-22"],"6":["true"]},"priority":"500","source_event_id":"1825803911352049345"}&andc=true
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 05A8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6GVkdgp_m2mdCB-ntsARAVc39glIQW9fI3WSvYoUYpP3Xw6_lHEZZ7e4dndQ327sOqM5BgJ3yztRFEy8HROmJvb-0kB8kgh785W2-Xjcvx8UiWJXrgTpr6wH90T_cG6hIREJ3T1G9DStaRXKNXTZSXCGfKCgzxr3zZumFq7sMuB495Fw&cry=1&dbm_d=AKAmf-Cvb2XHz26aeYCHR8O7qZKwf_toTwUJhpG3QPR8QNbIzhHVTrgsDgB2V9B4AT75tFPgcWIlsKghCgwnPp9P-1t6Xwn40A3CqHOG11Bbq2bnNNG9L6g9X3v_MwCTB0AN8eg5Lk05Z-1m8NdQoj_BUgmsnBTL8h78upIak7NCtcdod_A3GkBcB6Oz9FH0I_IHiW87jnk_-JSLvMHy5h3CAuHFCX3OKbsPg8t7bltpUXTqh4Tx958v8gjL0fWO-xNMhZs0OKKtt7kzbD4LYUOKoW0ZwZXlGl4uT86jaJC_aF62bjPqAw0058Qn7y0GwW5fDkGabeQUccUTfjWzO4irVvM_Rx7cqfVoQg-GQYiUTOrFoeajdsCEU2f4b9fAN3mOmcppbfE3cVyQIJB29Yjtd7crs67MFHkjlalwf7Ibc04O5AhXaA8s0MwhVYVBmjC2L2w7WLYhVTc0e-OV_ZDNvop1C-72fdecqIFURR2VC4eYapkYxI1zTex41PbwGG6vwbN4z5uO2j99u6HDP-cNjieSVcnr64KsH0nuQ_Agp7yWzjHxo02teOO2JVzPB009_CkW8-sVykLtQBYdjC60y1OT5kJp5vmU8WZCkJRGiFwVAl4dsAPPxKn985ZJU5cXyxRcvhCdiZiLE9aUgYvT7XioMj137ejH1ZlJkM5cetEGbx5kBYx9gOZzTUFx8fOBWPeY61Rp36SRi4vEaRUeouJOQwyS1r2-BzjqsX8uKxPkf6fafvVwcHSln80ghZNtV7SqcKgQVjHg1zV_tkaTwB0JoO_GamfSqG-VySSUgF8ZMu1b5PlmJuCbJXLB4ycfMJRBn_bvf1S5c05f7Kh9aIpnO2XEKB2z4ZNzHUMEoHuUzzKrh8SqJdwT8K90-Ql3KOqywgQabrMZtsz00JNA6F-qlNohiRArgoANigoyk1YagO_IsyUiCa3oIcU2QytyEzJzny4-Upo3yvnyTXQSk1a3i5yddRhBZy-8QT55olLrwDWKnvjoz62nQs4DIU37pyityvbxMmd3IibbRw3mQ5evqkS5BUAMS6wRvaHK0thDCeTyDFh3KgEjJOQ8qPbgkXYScTU84PQM8gNYvIFkymtKBQ30xBD3bUtm8NG2m4xbWKlDob-drJocD2arFTKol1Wf5an7-b10jvBglO41AotmJLFkzN8471AmaagM1BjhYAoqfIegIMtHol8P6_SdG0QyxzFbmaELckhhTdCb0kVolAsL6qH1GEucxjXeFTKnjV9r8FqdNjixc4RxHmJ3gjdE-3dlgCzXJcQMWZ3CXAf9Vncgwg7_LryM_XtkLdgb90I1FDNj1ZkPfy8oz6mLN-Yo0NxmxxK0SENDmz7DSiEMsU_WXoJ-NIZsqwMR5IF4B4Wn8kFTrmcWhZoD7Ov_LQQVUSjFDdFaQbvkiYued4D28Qk3PQiOlvqJMgqu2qaGqr70pj9VE_2odT17V4fQg7LfYzSOgimblQqAx8kkPX00XayA8wLF60Kp-7v1sxdWDHsq4qB8qLbssr6tO2nQLeF7PzhePBORDuFiUWErDoWvffaM2SX78ANaOwzP8zQkLHLUgRNv1zh0ECB6Tdy3fpYK9EtE6uHODuWqF8e4pzBAit3eZYCYGs8pYbAb7nlCP7k43qEleBKoRItzQmvue1U9i01pSgc5m1WlZU451i1Iyc79EobE0XLGrDr0o3iWfZJxCxud9AebRED8pTaEkTeP7MOrKePu7xkok48KG_j7pFneNxJZbfivthcVs9PIC0lKsF30jvSAOTPMwt7m8UFVPWjkW-iDbe2FpwPMYa4oZNm8RObF9Yqz4V3fGaT9iP8yRYYx-FbPor-XB_hK362D4YhGh6qbNMeXnK2Wwo9DFcSVa9z97hVBeVSYFfM3iXa_iQpXeIfjWGfwtuTtrdp2zsAgSuqBfYoW33kWll15_IbpEeHdm96cjseQb3F23XknSzm_rxJNwbZfTy_p9j3hsUTGsBjf4Q12SsHoGPNnLDjATY18geIQ7YrHUWS6wTVyA4jUKSPXd6BMpWGHJ1WtE5a4LBRvdujgsJ2iPGw4W32gGiojwHC0RTGe5OuP4PF6Ee6RGthqbIdRhDG0TVausxNuuYh5i7-rGmHoa4XcapOomjurSAqjacLRNMPEkTsN6vV3X2YseM372OxT_yjvljMHQej0fUjOZJb3xfEJW-Vxkp-rqiCQ6WQk1Fb-bqNfo3tfzlVa3ycIqlzTcA8nbjiYgScwNl4LNqNiQLBt1B-X7YDBCaVylh7QxO7Ub66BccrSN9Xwl5VGyvvsgLes-preH0Fj5rCK2KJdKX3dX7bjYDWY4rXc7eaMBZjaFcBF6tda6z-PBrnpcTKZ0cVtTqFoyHhXQuVpvlHLQ14rNgt4enJ30wL9RSAhmDJnPZQQiEU1jsb5NitIQCu2GG9V__weC6oAOMsFkfADWekRr5iqFi2z7_lLm16cSaikdaZ3ujGc8p1t9bUNC55jOKWNGj7OW20VgR8LI3_7wpOrmFmI9fAiEvEMPyzD2IKo60K8gMaOPAJGNvam3UOKUTiLwR-95ikZhbdVaZLtOb4UPJIDD77b5Hull68_KlvdxEYfxJmuLEtHXa64u00tHI-vUwWfZw9OsfX1cAJkPm8XAIO82lYKqn23olVaaZTmIsiPe2XixAkS_evgg60xdx57tGpHLVt6IOSlN36esavSTwXoYIWe8IPTF5owWIBA6V55vDErianhATQ_WieKu7Dz3U8tV32LX1wwjMbT5gxBCcafCi25SA1gsRolmGR_eQiAMxJyAI9YXdm926Qa8Cd3nOP9XDdA7U94Ilo26wzbUM5W5xObXRUR9CmmtgxZ-7rVrryhqWHYL2iMKqWC0wVoLIOtGT0lCIRoFs8wwshk8UISJ-jwtJjgWu0XORHQUtG2hqesULmP0VXuQ-RS8_kDHW9XkvZatXWaepceBgDnT9Ci12rvSwE8RDZr8RGVGS7mq0mAzp4_Dq60N4x7lrQJqFh5udrg_ZYaFRfcOphMLk-y46yKRdbJo1PxJWhjCFawPFDhQ_lNnDFSpWf2Ryt02Fi9Ge01jbrbS6xtjhgLG6gKDh_iszX3Sx5Qdp994XnExeysz14FrjuhodGOJiwF0VvDKA1cg0W31gG5Zvul5wBbgaVfZcfB4q-Dzgw7ydsPOH1E1qO_PbVLM7lGTGcR8BN_ae0AD9CdsSqGneq6v8jLy0ZHBOcbjjKIvkGgoCXHrmIzCiieZfX2cQir2-JqHWQLsnuHVIOqrkw9zOHPAcd6agLZXYwu5BgMLk0jP8efir2q5gBnd9_YF7m3DnUbCCP__8I7PAPNjOR_W2HWA-sDasFCezn-W0VYKPRWsCJqG564XIQC7QTr2mpygjfvjYH-givYfusGaEg9qRA1pg9fwjp_0M1MTjia4rVowLu355rim4EEi2LvqE5AC9i6XGXQPPEtZbha4ASyKEaIV4Vc4m0irD48aQBf03wp4tgykAtkOQPA-9Vl8BLx1VxMX8yftOFu4rub2aT7H7Xz11v2fXKwSqEf4XnDYW1wzyqmMXBx53BOPfCy_KTwiBeHscMAuJBOOdv-1i7kqoqTGGYtBGjbQz5vifVUMoNpZugeCBgOojBdwIl3M0hmpBH31inzCHA1BIuz3_tQHyuL_RCTOA&cid=CAQSSwBpAlJWx6meWn0wSjI1GU-W1GCEiSc_OiOInTW5CzjyWvHxMI1jvIfGja6uCK5E-rjYNOw7ptEGyZq2lXzIezNqddfje-ehhYdIRxgB&dc_exteid=31225120481842353421024737811600872&dc_pubid=4&cbvp=2
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
dm.hybrid.ai/ Frame 65EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dm.hybrid.ai/match?id=407&vid=1692717173004-960420603629-001257-006-009793&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1692717173004-960420603629-001257-006-009793%26biddername%3D166%26pid%3D5e7b9048180bd02ded4b0937%26key%3D%24%7BVID%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63d78a95feee817a470cff47
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store
date
Tue, 22 Aug 2023 15:12:53 GMT
expires
-1
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
pragma
no-cache
server
Hybrid Web Server
x-mode
126
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 56F9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63d78a95feee817a470cff47
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:53 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Aug 2023 15:12:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bewab.co&rs=bewab.co&sid=41308&t=1692717173&cip=217.114.218.27&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=63d78a95feee817a470cff47&test=&d64=1da46d0db7759b029a4c27c13312f786&d63=1da46d0db7759b029a4c27c13312f786&aafaid=&proto=https&uid=1692717173004-960420603629-001257-006-009793&cha=0.7&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&d35=&d36=6.2.121&cb=26300347739&d39=&d65=&d66=8.3.16&d74=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.16&d74=&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360&&ppid=63d78a95feee817a470cff47&nid=6229e046286f660f8b1f0456&pcid=63f464c537fd0759ab083bf9&ncid=63f464642ef234bba20bb7db&pasid=63f464c537fd0759ab083bf8&e=request&cb=1692717173503&asid=641c183c7767b0f7f80a5968%2C641d39584a85396ff302ae5a%2C6454ca0aa812af31b20ac9d6&ofpr=%2C%2C&fpo=%2C%2C&ri=1%2C1%2C1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bewab.co&rs=bewab.co&sid=41308&t=1692717173&cip=217.114.218.27&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=63d78a95feee817a470cff47&test=&d64=1da46d0db7759b029a4c27c13312f786&d63=1da46d0db7759b029a4c27c13312f786&aafaid=&proto=https&uid=1692717173004-960420603629-001257-006-009793&cha=0.7&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&d35=&d36=6.2.121&cb=26300347739&d39=&d65=&d66=8.3.16&d74=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.16&d74=&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360&&copid=6229e046286f660f8b1f0456&nid=5e7b9048180bd02ded4b0937&cocid=63f464642ef234bba20bb7db&ncid=64182002d07b37e6120b01ab&coasid=6418229db0948db9650d05a4&e=request&cb=1692717173503&asid=641c5fa04c01795c73027a26%2C64b909888b1fe292010ba0df%2C641c5f88162ce32e5408bd15%2C64b9095f374294287b02f804%2C64181fb69bcae062fd09ddb9%2C64181fdbb84e17b4190595c9%2C641c5c491b4ce7b59f0b3497%2C64181f9ffa69721aed018605&ofpr=%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5A34 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 09:29:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 5A34 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn8yWb-DNPJ-ND3RMFBINDvW_D6uwScTx8UKN3oklD6lVDiVOZcxLa4t8Nh_pRRXF7GfWyDmwvofLo54yIzz45l0KmLJqGBcpq6C_7L6p8PP2vfSR5ucv6gcmd10Kv_331lKyJfB1ZX8r4tJ_jMQ6FOEpPwhsz70tNnSoYE_DDU6cyvPo&dbm_d=AKAmf-D29lLJg6w03o1MhYbv_WwoB_lr_zd9XRcU2rVNB6novYtp2ZbgxUp3crfh2OLi-nNH5W6PijFHsTNd7fI8BQSTGkcy6lCpKAuTB2P_IqEJRG5NXG3v5h-dvgDIx67yEYwLWqNz_vytOjoKg2YQ-Cwhk5VlGx3ngiUD5u7gGGvZaKlFvcOzVSek9IqqW4Tw9huWghh9iQvt8Ed9v17wuh25PQZAAldK17Mc70DgDhUxiNOiO7C9EUABpcDLcm1sizH27ScyO0F040gthviqetQsCSUdS9oss9I_3gz_9B7G7i40FLZ7F7lxVVRg55IOOcSotz6szukNfW0uF0muwZheAJfJA1rOWV-7suXb61LPsQHXJcXiJWIKzvGRg6DLg1KZK8xAhtPKRMofrIdb7A_t7DOScwfWy2o5oxo8PHYBr-7xx-zFo1jQ766hYc0gEjnQWN7sFn6tQYvDGzraFHqFsgI88HUkewow8BMSA_k79bMfZE2jfXM6j6aBI3-efjzLeJQNt2zcC4jhP9KM6x_a7_GjeXFtsNQuH4kk3jPSLT1zplF4NOszdOM9tQEOMhRisJqBslmgz2bN9ABS7sCLekD8zqlBv7SqkPblVM9BST8eAfw0zc6bRgTdkjTyvmcbQkAP9Jqy0KQFAFDbwvfkZw-7-dPH2qnAurtT4n-vXBjPF1py2FOu0POsw_yYNi4ysGXjf7PSakFRjc-XQuUoroVenPUWHHurRKi9kK0QPMo0IaYY-jMBSOR76zuG4i8-lYXr1-OdeE3kTCYsbtt18F3114AY7FwfB8vM83KKR0Vy76dwFdsSquG2A8KaiRQdLMH2e2Fo6yA5AdFfYPssSXcnKu1-VqruQUuKvsqd_wFrSAI-X9vnQnq3mBqo6YrpTh9xAdxN_HrSazFKvpzXgdLU3Qx9cf_9UMD0Xvs74lgKXlhNn82d3NRnISOoxDY7PVg1KAvAxoBj6rcK13w2WrDG845vXZfwbw0g7P9I3BLZMYAi0TZtWnp4LKHS-s08xuLrGhTsOK03QM2q_uOAjmRrq8F3a7CWVZm1nWOFVadx8mPUPQIzcJYWFF8sX-2I_6WPtgJlGWaxYgPSAEW1QfF1CJvUx23QVqsLCL3-FqEfgdHYjGLhIzX0Ss6UZyFLgN_nfKybfPnq8DI3D1RZiYQAYvBCv3VDe8KjeiqS8paOHszerk6a_XsNldvY6b_IgQhVFjC7UyNOsIcFH-ranaGxSnCyYkvQKCqjGSwBM6HDljLhldf_4ayBKPGCL1sa7FwIn3kh71oa49kLjlaUBFERIv8bby0EkHOzTsoe6zpsrl6Tzn8-x9DD_H-2kSspS3FCXMeFqGgligl0UO4TTmT1MdEGFl9ZsuyhWJvtZrEUMJ1eWOuyRCu_mQLhISletDlqJ1ngvLIlWC16ZL9z1S16GkRkRn9LE87Z9p_vXBcHj0FTEzGprUJxo1D8m0OepWM4rVk5FoQEQt-tWmKayVjxr34P_s0pqbJpSHo9ha2ehCkt9gkTeCWTNXcuVDTOtARcpGmVml5IjMVpPk3zRpR3YZbfJyK-U0y6pPLkGNgv6wNiSvP6T1lf-AHKaZoZefBRjPSkTeNKgQbi03RlvUXnIAVqSEoXvn-1ccR_fqrKpbcMXvmqgxCdfB3eu0KEVuusARRdHW4p2q77LHqWj8iXTX4tLyhhMj8bYiw1hvvjafcN1J-vG_VDxrORvKkMTD1Mg6MSPiQ-10Gl1LBmlV4WK1-n2W2KyoHPksmNcmoeL2SZZS7cHkAK9So2ASLYOPZQ7CALhgl5Q6V2aAwmIPPD7ogg8a65zlijRw10FStfKQGZlL20pbv2QH0TxBsHZRodUMLFm2ElkLb2xVybTG7xHtlPbiy75VcSDWvdDK_TLfgdtIM5DHUdX6qftGNaJypUopqIm4Pt_i-WJ868wbxWjKIOGU_BCV8CPHFRdgbCYAev3WSSYpLPeso8v7E9aPxvOYz2JNUHeBcp6QNykIntU5_1cqRQW4W82ry7EUIr3GD2LFUhOAn1YiHM5GPEZmULXM6-43mNJDftfsE0qiREAgIuqHx18106-EopRBAdCMFNQzh_4MOHKHXNXyzc632MUkKL0PksfJI-qKZmZMjTNqxTH_LRTJryl-o71jKefh7KCZ4OnQpspxOCzNAu_g1YWxqRtsLb_WeIY_cddqP4dzhjO3R0-1cylrVMTxhCRQ67MOMdE6DvDGNcxKzaCSphT8C5EOeMimy2Ese234d7Yh2qHF-5isohRl5CM4KYO2yYzP-bXevGdeiqzXk7PQu3UdDWn5l6PbA9o4200OL7CfmH3SMxCGT-zm66NyffyAjv3mf2dedhZijUedLsyDkIJPunJ36XxxoqhvnVsbMhIq6cWsgaiiVTHGchnFLvzI9q7WPXRyOABnOuqkJkUhL7ZEyTMRmbfSTkYTqo823xt5xR8SLK1Cbb3qqsCViDvZdFvOecvKhG0nLEthiANNtKbGqLieVQ5jKSaof9P1wtjcHY0h9W7yIJT7sCToC2arG1Xy3Chv5G8iQElMQtnQLbIU68Swzne1ZwTg7cnydcRj4AJTitw2xqelfL2mfrBW4n3m_jGzbaqwMktth_HUiCXFQfEZ0qBBj7z8x0EIf7G6eOf4tZQY3_UKbMzBLEIO5sgN1YiF5CNEnphFxd8POKPou85h797O9dpFNbQ1VlgyX3ARZZDiO4Y1cQr3XmBz_sCJ7shtH1-Z-O7EfkTzBSFsThC-Y_o0ZeZ7XS9i4-n4-UhbYh-hZ8_y_-QUlnqG5XTDB7dy6m0OOM3LSBYTBWO_ymJLg2nG8rxe_GM8BF0XtD4FqcUx4PCLc8_USrf-gB6oqcNU_YSyrtm3_FAD9ryWj_LOwUY3MefgOZCFB86yDl1RufYLKODGFSJ9uY4KKsy-dqF88Y7A9r4g1Wp0zyiDDDZR_srOeQHvnhG5v-sJeOQzcPT1yfCDaE92ra5QZ3Ckw8MzjEZkAVZkIgMACfb5j08pGDjXKwjLuFK_EZiCIPeJCXa2_140KQ5BgCWVdEnq0O7LhiN3P07jA1X5F4gl4hBSNj6rvUgvte8jLQ2ABmkPtH0x_A-y2osR35XsOGxX_nvTPMjOjPZ3CL41rHBD_GaXatNHx6NuezWCCRUSDqGizMrjvIU3PVmpfJMSCOtvG0uamI8aOnbySupt1MVIUfVedDih_XavhR4zswADdD_xN1gJ_e7Zf43010iH5-gGDZLkZbY2cIi7oCWr9Ra8qusHzybUSyEWzzVM_a0PkJ0ixajtdea3OUh-yKwRR7Vfi3yzqSaMWpvtzKNrNd-75rAqu1EYSkkT6iEKQERjF65aRLeSgOSi3A0VHv1yz7XBoAY9bjuFAHtVfj1sMOBrLVQqSxJDS5mEhOtoknCHvlTPsDm2AaOUFJmwrCT_7mZVEK-f4wD7LH3zthNxCCmbquztb3OEmNDe0rhJPUcRpHHkh6Lv_VkzqSWs-UEhpFYqM3A9zkniX1XMnHt7-zWP4ZU4ucFz2uvP9GZ2vW-KRQ5yBYIXM73RF7A50AwhA34Nxe-qf-V95-1-T7JCtp0kpQZmdesD3iA6-E_pQlUr0Kxit5Ghg8_7JelsJ3FhkZiNG4sHIdWIpxCVqj4mUjKeUOhhEOBLYJjgZLplbWm6VdSuqFWZe5fPfrrPKqvAo&cid=CAQSTABpAlJW0JNIFRdHfUWD9jkRm9KfMnrScoCEngHHiThpYINBRH1ibksEjA1-k4CrhEQF3VSIBCV-eVvPUQV86E1OVXbCRbm8FErhCAEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbewab.co%2F&ds=l&xdt=1&iif=1&cor=6398770887915769000&adk=1964084972&idt=97&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:55:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
4617
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 13:55:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 5A34 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn8yWb-DNPJ-ND3RMFBINDvW_D6uwScTx8UKN3oklD6lVDiVOZcxLa4t8Nh_pRRXF7GfWyDmwvofLo54yIzz45l0KmLJqGBcpq6C_7L6p8PP2vfSR5ucv6gcmd10Kv_331lKyJfB1ZX8r4tJ_jMQ6FOEpPwhsz70tNnSoYE_DDU6cyvPo&dbm_d=AKAmf-D29lLJg6w03o1MhYbv_WwoB_lr_zd9XRcU2rVNB6novYtp2ZbgxUp3crfh2OLi-nNH5W6PijFHsTNd7fI8BQSTGkcy6lCpKAuTB2P_IqEJRG5NXG3v5h-dvgDIx67yEYwLWqNz_vytOjoKg2YQ-Cwhk5VlGx3ngiUD5u7gGGvZaKlFvcOzVSek9IqqW4Tw9huWghh9iQvt8Ed9v17wuh25PQZAAldK17Mc70DgDhUxiNOiO7C9EUABpcDLcm1sizH27ScyO0F040gthviqetQsCSUdS9oss9I_3gz_9B7G7i40FLZ7F7lxVVRg55IOOcSotz6szukNfW0uF0muwZheAJfJA1rOWV-7suXb61LPsQHXJcXiJWIKzvGRg6DLg1KZK8xAhtPKRMofrIdb7A_t7DOScwfWy2o5oxo8PHYBr-7xx-zFo1jQ766hYc0gEjnQWN7sFn6tQYvDGzraFHqFsgI88HUkewow8BMSA_k79bMfZE2jfXM6j6aBI3-efjzLeJQNt2zcC4jhP9KM6x_a7_GjeXFtsNQuH4kk3jPSLT1zplF4NOszdOM9tQEOMhRisJqBslmgz2bN9ABS7sCLekD8zqlBv7SqkPblVM9BST8eAfw0zc6bRgTdkjTyvmcbQkAP9Jqy0KQFAFDbwvfkZw-7-dPH2qnAurtT4n-vXBjPF1py2FOu0POsw_yYNi4ysGXjf7PSakFRjc-XQuUoroVenPUWHHurRKi9kK0QPMo0IaYY-jMBSOR76zuG4i8-lYXr1-OdeE3kTCYsbtt18F3114AY7FwfB8vM83KKR0Vy76dwFdsSquG2A8KaiRQdLMH2e2Fo6yA5AdFfYPssSXcnKu1-VqruQUuKvsqd_wFrSAI-X9vnQnq3mBqo6YrpTh9xAdxN_HrSazFKvpzXgdLU3Qx9cf_9UMD0Xvs74lgKXlhNn82d3NRnISOoxDY7PVg1KAvAxoBj6rcK13w2WrDG845vXZfwbw0g7P9I3BLZMYAi0TZtWnp4LKHS-s08xuLrGhTsOK03QM2q_uOAjmRrq8F3a7CWVZm1nWOFVadx8mPUPQIzcJYWFF8sX-2I_6WPtgJlGWaxYgPSAEW1QfF1CJvUx23QVqsLCL3-FqEfgdHYjGLhIzX0Ss6UZyFLgN_nfKybfPnq8DI3D1RZiYQAYvBCv3VDe8KjeiqS8paOHszerk6a_XsNldvY6b_IgQhVFjC7UyNOsIcFH-ranaGxSnCyYkvQKCqjGSwBM6HDljLhldf_4ayBKPGCL1sa7FwIn3kh71oa49kLjlaUBFERIv8bby0EkHOzTsoe6zpsrl6Tzn8-x9DD_H-2kSspS3FCXMeFqGgligl0UO4TTmT1MdEGFl9ZsuyhWJvtZrEUMJ1eWOuyRCu_mQLhISletDlqJ1ngvLIlWC16ZL9z1S16GkRkRn9LE87Z9p_vXBcHj0FTEzGprUJxo1D8m0OepWM4rVk5FoQEQt-tWmKayVjxr34P_s0pqbJpSHo9ha2ehCkt9gkTeCWTNXcuVDTOtARcpGmVml5IjMVpPk3zRpR3YZbfJyK-U0y6pPLkGNgv6wNiSvP6T1lf-AHKaZoZefBRjPSkTeNKgQbi03RlvUXnIAVqSEoXvn-1ccR_fqrKpbcMXvmqgxCdfB3eu0KEVuusARRdHW4p2q77LHqWj8iXTX4tLyhhMj8bYiw1hvvjafcN1J-vG_VDxrORvKkMTD1Mg6MSPiQ-10Gl1LBmlV4WK1-n2W2KyoHPksmNcmoeL2SZZS7cHkAK9So2ASLYOPZQ7CALhgl5Q6V2aAwmIPPD7ogg8a65zlijRw10FStfKQGZlL20pbv2QH0TxBsHZRodUMLFm2ElkLb2xVybTG7xHtlPbiy75VcSDWvdDK_TLfgdtIM5DHUdX6qftGNaJypUopqIm4Pt_i-WJ868wbxWjKIOGU_BCV8CPHFRdgbCYAev3WSSYpLPeso8v7E9aPxvOYz2JNUHeBcp6QNykIntU5_1cqRQW4W82ry7EUIr3GD2LFUhOAn1YiHM5GPEZmULXM6-43mNJDftfsE0qiREAgIuqHx18106-EopRBAdCMFNQzh_4MOHKHXNXyzc632MUkKL0PksfJI-qKZmZMjTNqxTH_LRTJryl-o71jKefh7KCZ4OnQpspxOCzNAu_g1YWxqRtsLb_WeIY_cddqP4dzhjO3R0-1cylrVMTxhCRQ67MOMdE6DvDGNcxKzaCSphT8C5EOeMimy2Ese234d7Yh2qHF-5isohRl5CM4KYO2yYzP-bXevGdeiqzXk7PQu3UdDWn5l6PbA9o4200OL7CfmH3SMxCGT-zm66NyffyAjv3mf2dedhZijUedLsyDkIJPunJ36XxxoqhvnVsbMhIq6cWsgaiiVTHGchnFLvzI9q7WPXRyOABnOuqkJkUhL7ZEyTMRmbfSTkYTqo823xt5xR8SLK1Cbb3qqsCViDvZdFvOecvKhG0nLEthiANNtKbGqLieVQ5jKSaof9P1wtjcHY0h9W7yIJT7sCToC2arG1Xy3Chv5G8iQElMQtnQLbIU68Swzne1ZwTg7cnydcRj4AJTitw2xqelfL2mfrBW4n3m_jGzbaqwMktth_HUiCXFQfEZ0qBBj7z8x0EIf7G6eOf4tZQY3_UKbMzBLEIO5sgN1YiF5CNEnphFxd8POKPou85h797O9dpFNbQ1VlgyX3ARZZDiO4Y1cQr3XmBz_sCJ7shtH1-Z-O7EfkTzBSFsThC-Y_o0ZeZ7XS9i4-n4-UhbYh-hZ8_y_-QUlnqG5XTDB7dy6m0OOM3LSBYTBWO_ymJLg2nG8rxe_GM8BF0XtD4FqcUx4PCLc8_USrf-gB6oqcNU_YSyrtm3_FAD9ryWj_LOwUY3MefgOZCFB86yDl1RufYLKODGFSJ9uY4KKsy-dqF88Y7A9r4g1Wp0zyiDDDZR_srOeQHvnhG5v-sJeOQzcPT1yfCDaE92ra5QZ3Ckw8MzjEZkAVZkIgMACfb5j08pGDjXKwjLuFK_EZiCIPeJCXa2_140KQ5BgCWVdEnq0O7LhiN3P07jA1X5F4gl4hBSNj6rvUgvte8jLQ2ABmkPtH0x_A-y2osR35XsOGxX_nvTPMjOjPZ3CL41rHBD_GaXatNHx6NuezWCCRUSDqGizMrjvIU3PVmpfJMSCOtvG0uamI8aOnbySupt1MVIUfVedDih_XavhR4zswADdD_xN1gJ_e7Zf43010iH5-gGDZLkZbY2cIi7oCWr9Ra8qusHzybUSyEWzzVM_a0PkJ0ixajtdea3OUh-yKwRR7Vfi3yzqSaMWpvtzKNrNd-75rAqu1EYSkkT6iEKQERjF65aRLeSgOSi3A0VHv1yz7XBoAY9bjuFAHtVfj1sMOBrLVQqSxJDS5mEhOtoknCHvlTPsDm2AaOUFJmwrCT_7mZVEK-f4wD7LH3zthNxCCmbquztb3OEmNDe0rhJPUcRpHHkh6Lv_VkzqSWs-UEhpFYqM3A9zkniX1XMnHt7-zWP4ZU4ucFz2uvP9GZ2vW-KRQ5yBYIXM73RF7A50AwhA34Nxe-qf-V95-1-T7JCtp0kpQZmdesD3iA6-E_pQlUr0Kxit5Ghg8_7JelsJ3FhkZiNG4sHIdWIpxCVqj4mUjKeUOhhEOBLYJjgZLplbWm6VdSuqFWZe5fPfrrPKqvAo&cid=CAQSTABpAlJW0JNIFRdHfUWD9jkRm9KfMnrScoCEngHHiThpYINBRH1ibksEjA1-k4CrhEQF3VSIBCV-eVvPUQV86E1OVXbCRbm8FErhCAEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fbewab.co%2F&ds=l&xdt=1&iif=1&cor=6398770887915769000&adk=1964084972&idt=97&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
79675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 17:04:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5A34 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 04:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
385285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 04:11:28 GMT
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 679E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
203911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 06:34:22 GMT
truncated
/ Frame 5A34 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34407b0594d238989c523216611230dba23c069779ea875df9c5c527d166be95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0295 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
002dc5259c3ec3123809c376af2f9120aa2a726292356ab8a468e820a824f5e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8BA3 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253173/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469810A5BA98F1275C5AF223409E97741F320E39.6110DBEB5DAC3E686AD2CC9F51C0EEAE64B4353F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
eb489f28bc837188b5621aec657109294eff23ab6c2c11e8e66b899611d0d4d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 22 Aug 2023 15:12:53 GMT
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2762020/2762021
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2762021
last-modified
Fri, 09 Jun 2023 05:04:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
client-protocol
quic
si
googleads.g.doubleclick.net/pagead/drt/ Frame E95D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
URL: https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:53 GMT
expires
Tue, 22 Aug 2023 15:12:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 36AC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
436298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:01:15 GMT
expires
Fri, 16 Aug 2024 14:01:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame 0295 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 11:51:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
12076
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129577
x-xss-protection
0
server
cafe
etag
2336233631454045957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 21 Aug 2024 11:51:37 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226447322890227767672%22,%22debug_reporting%22:true,%22destination%22:%22https://powtech.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%220%22],%224%22:[%2208-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221825803911352049345%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7108004604515456896/ Frame D8AC 		673 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd674217ca2f8ae785b700586fbfe7d29aed3fb00c460c2bcb7e4d76ebac5649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
410
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:53 GMT
expires
Wed, 21 Aug 2024 15:12:53 GMT
last-modified
Mon, 10 Jul 2023 11:40:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5A34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNvScEvUt9Jl2zbHHr1hgmoeD5eGrqxWkHrkI0xQpG5UkYwKwNOhUZOC0nsGAGUs5xerQEtgugEzaxND_0mFG5HFplxWAYWE0MEMlHrlFxIIwTod4roJjeFbOnivNJeA8VeLai4hG1D-mWU1NfGh0ze2uDUo9qYpSrVDqN_0LOdUH0G2olSXaz4kR1zuz13s8KmO0uEzTB6Bc1SLwWWDlPGPqlpVvKeOllO3m_rtzyp3JVp7ExpToi1hoiUZ3pczvW_wLvKYF1nmug9im47K7FjbdtEe0nHAuzcDOATKfPSmRGGE0TMVvXCm_uCn9bWziSPAk8IwIUjDhlREpN1i4sIKyJO2x-0BtdDt7dbIvwB2jHMz31EKQYe4kuWpb6wYJwiPx9Ig9KSYmgJ71vyrtFIiNyfkvxpAAXDcOhwPO9zA_8ZsqlGxWo1zBnWZplzEBw5hUGUE6v2BEJ_xjj49nWHncYh9IgBAfjaVRYoYjDrWPetnJqR4QTLHIuYStoDi8M9bHFeNJ41EnjRjw9J0UiMNS-bAkdBJDH70i1RfSuFKXo_Hc1BNIjNu52NkXGNHbUMS1ltdFMc4mc4Y1p2BF2V_hS_lGeSBXeyeEHTqcGmAKDE0ZHPHIcMgh3fdu1CHTfIlc7vHSeWDu3t2XnfZ7Ge-PFMCDeO0nFRoMq6UpgKp73lA4XFieXysjEcYShblAkaj_TWhq0GQwBkYllA_WV7kzfW57ORi26GSyrCHDdGwEAs0R8VmypnwgvykJoJTpFRNynNGEqrmoXww6VmRrxE-GCLnKL88wty-JihKGWqP0HgImsLQfh9KWd1-lITt5cppBhS0zAFhH0k7EMyOrO6MS2k-8PoAYquk8ZUzd-iT3IqRqRayGmTkY_wYMvBI7Ize_WVBgT9S-_O_9WvnXmNjBpn8SX8JR4oHav2iazeIb3BYQon-EeFhOk2B8_xDnXCEXiFfR66NOcRJjnr8vSsbep-gTyz0pi4j-Y7FfG3u3D_-dLBQ2YEpvn2QO0NI6Llk1egvc8Mynb2W4xR_f7Kq7ELjdILVUZFbbFj9j5Skq8i_SMHjBGn_5rGXLSi0hh66SL9wqugU90xmRwh_cxNroKPg9RdLDlJsigJY9o8jybVrI8EKJdo8qZChKaJzH3hsNmI3nZM9tLD2msXtFqIAz6cgo96wGRNUWo6ZkcFpeDw9TU1xz7e1UesWeDbKFsAikGbt1ozv-eOA3GF53udztt1QYPh0pXsfcba2zYpeqjwsdhUv_xRYeo8NYiEKrOJOnreoe0_TI6ncgaPFF3B6cAKQ&sai=AMfl-YTQghg6LWsOn3JgurQEoex9xnTWUhajY40OqLmd8I47GGXCXX7XoCS-gYCLN_Xv2IMZUCVTZJggjUBtHZt_tcgxjUWsJIaShfWhQ8UPLlEjH-C89E5rsWQg3V91Fs5BuKWb9UgVCT9dhtSr9DsNqBRif-8oNv2xYJ-o1YHmggKCI3dgLOHOni-gA-hs4pDP00SEIEd4NFXGg1hDlIAc3iXgb-WR_cNyv6CnC-5Z3l8gF67dbQ3S0Qdad8d9GuA93xkAsfW1ELEXq_1WYLRgOAO0HlLcT-e7P0dm&sig=Cg0ArKJSzJHe42eWldiYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=181&cbvp=1&cstd=173&cisv=r20230817.87689&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 0295 		81 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3971399167145848&correlator=2087686768512018&eid=31076474%2C31076869%2C31077256%2C31077232%2C44799389&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=22387492205%3A22857120893%2Cbewab.co.Banner0.1691745078&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C300x250%7C300x600%7C320x280%7C336x280%7C360x300&fluid=height&ifi=1&didk=354568046&sfv=1-0-40&eri=4&sc=1&cookie=ID%3Db97fe506617760f8%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MaAyBZemUt06OcBLpgzdcKeT-pENg&cdm=bewab.co&gpic=UID%3D00000c65f80093c4%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MbGbpoODf-7sDtZ8x2hLCGXMf3Kzw&abxe=1&dt=1692717173773&adxs=989&adys=762&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=srt2ixtlxlu2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&top=bewab.co&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1245587961.1692717172&ga_sid=1692717174&ga_hid=22808160&ga_fc=true&dlt=1692717173482&idt=283&adks=1948198909&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4079e147b052a7f8bcb8008236d3d610d33db43e38b3264d018d6147a736657f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26343
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1569 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:53 GMT
expires
Wed, 21 Aug 2024 15:12:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 36AC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
203911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 06:34:22 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame D8AC 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 06:12:14 GMT
template-43bf74fd.js
s0.2mdn.net/sadbundle/7108004604515456896/ Frame D8AC 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7108004604515456896/template-43bf74fd.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 17:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:40:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Aug 2024 17:37:34 GMT
index-09647504.css
s0.2mdn.net/sadbundle/7108004604515456896/ Frame D8AC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373023
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:40:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Aug 2024 07:35:50 GMT
dc_oe=ChMI0LDF7sbwgAMVz9DeCh3AdgHjEAAYACCloKRdQhMIyb2c7sbwgAMVDoGDBx2rHgk-;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 8BA3 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0LDF7sbwgAMVz9DeCh3AdgHjEAAYACCloKRdQhMIyb2c7sbwgAMVDoGDBx2rHgk-;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D701549830%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692717173829;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8BA3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1PAEdNDkZMmzJI6CjuwPq72k8APM3Ozpb8KltMHfEcCNtwEQASD2z6aTAWCV8v2BlAegAfeb7eAoyAEFqAMByAObBKoE7wFP0EMkENN9Cdti3HRwLttuN5im_JYFTsDRdM5EDXBj3y6xaNlCwjxkiNOJYuZbfreCMW54WryfjJA8VQ_aT6F_YwzencSfffcTru9iwQXrjYxeta6BuSPfnNHeJ9fd7tajW6z8W5DNXjoZS2tGqUll-fIFQoNsqT0qA5TlHSfpE-xul0KYx5YZGvdGV4AKh2ULNX5LuyfcgHY7SBWV-qWVB1frCRQv-1OkVx6ycqNg0MeTxKyA3OHy5tQUPGGs9kEyEbKJiwtRauTHCDGAmvo4bBpN10p9Ku80RacQCLL2WkN-iasq4SnPjdTlZUSatMAEv4f78IIE4AQDiAWIieaTQpAGAaAGdoAH99O9wAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBOP8boU0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=820bQOdJiMo&label=part2viewed&ad_mt=9&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D701549830%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692717173829
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8BA3 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMVbKXimg_CQqy1LnIpJEvYoBnBVEUVPF9halo8xUYacM9ydR8Nqfjb_qkC0kguJtBbB7mTI0EPeroY1AyR7bmoiSbzbdwif2PY8NvuZJcPKtozGOi76rBkB1s626c4VBJ2cp3DWUZsg3TB_i2Ax_JC8yJ9MWNpOj_FdqbmrUyWu2faLs1CzErD-NuC8tRG095Us_ppX0bs5Tmme8bPVjUmKbljMD47ED--XTTbS-OgE466U3FA1m9FCl9Xk6IdmVK29YeK8g6R67XNAepWkro1xsMYVoqApPmEHU9RL7ReEFuMzLLUOU9IKguXBsoqAtL3uOJQovs4gzLSy-JYy8-uvMfsSZO3tmphSkjlUiS6RT_AmA35nsUFnMLwUOLWFZre19JlDhkqkdpO_Gq2LzVsEc8l9-KthKPD8_a7hAx4KYUrqlQhaaep2GBe1UnxC3vO2ZeCR_V4LB6uZ8pUmnbvISkkYqyA7aU_jkl1Hq2MwIOEAeTlR29-2dTcDByg3W4HBzlHs8m0W6_4J5bXL4sCMzizt1PW-R3z8DxIi2yDBcx_H55XD6s9WTx-3tx5r1G0Y8e9hPBcoGz8rnjOyJeA7abZSGOifYCpTQiwvXEnvL2Vrlx5J3TKefVfdtkUmMeHZyXDNDOyNVXX4xQcI22oVmWewo95Z0xfb8Dfq5-T_ia2fOSrd3fD6rrO6OJXUIfP5k_1GiHOx7K1Nj3NxZo_dljJCX0Xq0TCX5NkyJmmgspXZzno26eF4-yy-_8PsC9EuLeQZYflhOZtBrmPZ2TK-W7v7bQxaBs0RuUA9HQ_3-wiTEz-bZElNV1RJHHvXL6sNNZQZI1LLKi87jVKKlm06xY46jDcV31TziPeqWByxnJrlUfbxyu_i3y_Tkr2BSMm1xoPExwaQc8vXFHFeqq4jSL0Nn9WZk0aNLX8-thHGJljE8jMwDS4geLcQuUZsSbL-I6w5A1PLsFe7jqZa9oABOKNhTZu2ZTY_W7RVMW3YzCHsMK07z0JiT8f8khHpEXhBKE9jtAfatmrJ0FkuppvgbfUaiUuBVFfF0FXaofEW2dWPapNKi3VL5unBfDHIhcZQJ0KOUC7F6-RS4qcd5td9nUZaRujpiDnSTtk-heiR7Rilfj3KCMBTX8kS93tyHD7rTo2mLP17rjCs2hZQ&sai=AMfl-YQCLDHKotCXoSzIKOWbCb-aETqbF4QxyPrFOn5fybri7TuwFeTDCLQvSSn57uNKSN-iD6oJNyCWPjvv7w-de38OmSf85Mhobh2H5ecSp8pVcgeSep-R19dWW6dFywkp3YQvcOOssYms9AbQnjaH-dnrkdQA73RmRx3EFpyJ5D6WSoo_4U23RSxtBJFayVlz6LNHKPlPPBAigf9M1WTDNMRHsPuv3EFegJQSuCUOPrVK0Sx-TQ9ls-2PdYrcC3XPGa4Q6uguKP8fTbleXg_ntOjUh7RedMku13GF&sig=Cg0ArKJSzL2s59UC6coCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8BA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjWvNjxASABMAE&v=APEucNUXLPdXDESDEE1HzevWu5Nd9OZzkoeR76XfcT_Gb2zB-m32R__amSNvPqSh_CqwQKbRd0jdpf6dUV9eWKF0NoTw990xfg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BA3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8BA3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLwEX6OvgbXiArUE9izw6CJZfKMdK7GIdjuCk9_Jrq9R_s6q5SX5nj35HDAERDXCuni-8g1aogx_FTAIt2RoEU-aQ5o0y8MQkmAWgRWITk8h9ufO88r2Cxvp5Hy8i4Tye2-20qCZztK56Z&sai=AMfl-YQw7Qof5DZROxVBuUdyL8ajnLp6Qx0GCQhXaQYO51asw-fsnCqjJbXd28N4OJGqmUSH6gFTOKpIBWCsprYeSvOQjCIFuFfiYKxfwfi5E0cJNmmLVclM_PPkoqZfb43_ZH2CGsK7Xt8qjpTOJw&sig=Cg0ArKJSzP0YEJQhixHFEAE&cid=CAQSTABpAlJWhDpbh4r9ZUFXR0_Y3vp-l48jwUMUCS3Zj15TTlNbmgjNU9HyQ2ehM99BQq6QJrdQs6SZRxTjhy-85c1Ch-nUT0dmsPH9MQMYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D701549830%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692717173829&avm=1
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 8BA3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1PAEdNDkZMmzJI6CjuwPq72k8APM3Ozpb8KltMHfEcCNtwEQASD2z6aTAWCV8v2BlAegAfeb7eAoyAEFqAMByAObBKoE7wFP0EMkENN9Cdti3HRwLttuN5im_JYFTsDRdM5EDXBj3y6xaNlCwjxkiNOJYuZbfreCMW54WryfjJA8VQ_aT6F_YwzencSfffcTru9iwQXrjYxeta6BuSPfnNHeJ9fd7tajW6z8W5DNXjoZS2tGqUll-fIFQoNsqT0qA5TlHSfpE-xul0KYx5YZGvdGV4AKh2ULNX5LuyfcgHY7SBWV-qWVB1frCRQv-1OkVx6ycqNg0MeTxKyA3OHy5tQUPGGs9kEyEbKJiwtRauTHCDGAmvo4bBpN10p9Ku80RacQCLL2WkN-iasq4SnPjdTlZUSatMAEv4f78IIE4AQDiAWIieaTQpAGAaAGdoAH99O9wAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAeALAYAMAaoNAkRFyA0BsBOP8boU0BMA2BMNiBQC2BQB0BUB-BYBgBcB&sigh=820bQOdJiMo&label=vast_creativeview&ad_mt=9&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D9%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D701549830%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1692717173829
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8BA3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~llmg3m2a&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&dm=21000&ple=0&umsem=0&event_name=first_play&asset_bytes=194212&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.zf~ff.zp~videopreviewstarted.zq
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8BA3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~llmg3mfi&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&dm=21000&met.4=videopreviewpaused.zq
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8BA3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~llmg3mfj&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&dm=21000&met.4=videopreviewinvisible.zr
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0295 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAZvW6G2li5-CwV-DnMHnyY4CTqqPF6aS4-fO5aKhHNok5Zx2C5InxhGyCWQE5UD24qs5y7TQEsJMoIZqk9nE6uK63REsllT3yNUGDXqooIc6jVaFKgLl5wYHSUbYQnNu8e6i73uJOiF5kNWg3wNlU0AblF3IIxDjsGhNC8NHnd3zTWLzKrMoRA0dYdSJwcSRnc41LPqLGO3rWJFvqZfV06OA0JchvliqYHgRHWgpztsrU0tNcgu7T-gOyTgYL3w0GP8zPAM43NMw7OSZnftMBX_-z-si8t7wAE5syxyuij8q2aV3QdWOnTh_tNlauE9kPNkGgJ5URqIPieg-SjwERHrsq&sai=AMfl-YTGsPuavGLOygXF4Xi9wcYWRTfANhyWhEhEI9OfZ5Kzfm0kQHKKqo1CUM2omjh1vr_ettJedaiNBMe7Eg4cOt78ct-fOqnj9u_kCWUI4-l6cI7vnljDYU01Dq2YpGq1GNgv_MD76GHRZEEe3hTh&sig=Cg0ArKJSzINmrNkEwBaHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 15:12:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0295 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc2e56eed566fbbb80c5147430c7cc78e953cc72707ed7b259c2b7e6647961db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11924
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5A34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNvScEvUt9Jl2zbHHr1hgmoeD5eGrqxWkHrkI0xQpG5UkYwKwNOhUZOC0nsGAGUs5xerQEtgugEzaxND_0mFG5HFplxWAYWE0MEMlHrlFxIIwTod4roJjeFbOnivNJeA8VeLai4hG1D-mWU1NfGh0ze2uDUo9qYpSrVDqN_0LOdUH0G2olSXaz4kR1zuz13s8KmO0uEzTB6Bc1SLwWWDlPGPqlpVvKeOllO3m_rtzyp3JVp7ExpToi1hoiUZ3pczvW_wLvKYF1nmug9im47K7FjbdtEe0nHAuzcDOATKfPSmRGGE0TMVvXCm_uCn9bWziSPAk8IwIUjDhlREpN1i4sIKyJO2x-0BtdDt7dbIvwB2jHMz31EKQYe4kuWpb6wYJwiPx9Ig9KSYmgJ71vyrtFIiNyfkvxpAAXDcOhwPO9zA_8ZsqlGxWo1zBnWZplzEBw5hUGUE6v2BEJ_xjj49nWHncYh9IgBAfjaVRYoYjDrWPetnJqR4QTLHIuYStoDi8M9bHFeNJ41EnjRjw9J0UiMNS-bAkdBJDH70i1RfSuFKXo_Hc1BNIjNu52NkXGNHbUMS1ltdFMc4mc4Y1p2BF2V_hS_lGeSBXeyeEHTqcGmAKDE0ZHPHIcMgh3fdu1CHTfIlc7vHSeWDu3t2XnfZ7Ge-PFMCDeO0nFRoMq6UpgKp73lA4XFieXysjEcYShblAkaj_TWhq0GQwBkYllA_WV7kzfW57ORi26GSyrCHDdGwEAs0R8VmypnwgvykJoJTpFRNynNGEqrmoXww6VmRrxE-GCLnKL88wty-JihKGWqP0HgImsLQfh9KWd1-lITt5cppBhS0zAFhH0k7EMyOrO6MS2k-8PoAYquk8ZUzd-iT3IqRqRayGmTkY_wYMvBI7Ize_WVBgT9S-_O_9WvnXmNjBpn8SX8JR4oHav2iazeIb3BYQon-EeFhOk2B8_xDnXCEXiFfR66NOcRJjnr8vSsbep-gTyz0pi4j-Y7FfG3u3D_-dLBQ2YEpvn2QO0NI6Llk1egvc8Mynb2W4xR_f7Kq7ELjdILVUZFbbFj9j5Skq8i_SMHjBGn_5rGXLSi0hh66SL9wqugU90xmRwh_cxNroKPg9RdLDlJsigJY9o8jybVrI8EKJdo8qZChKaJzH3hsNmI3nZM9tLD2msXtFqIAz6cgo96wGRNUWo6ZkcFpeDw9TU1xz7e1UesWeDbKFsAikGbt1ozv-eOA3GF53udztt1QYPh0pXsfcba2zYpeqjwsdhUv_xRYeo8NYiEKrOJOnreoe0_TI6ncgaPFF3B6cAKQ&sai=AMfl-YTQghg6LWsOn3JgurQEoex9xnTWUhajY40OqLmd8I47GGXCXX7XoCS-gYCLN_Xv2IMZUCVTZJggjUBtHZt_tcgxjUWsJIaShfWhQ8UPLlEjH-C89E5rsWQg3V91Fs5BuKWb9UgVCT9dhtSr9DsNqBRif-8oNv2xYJ-o1YHmggKCI3dgLOHOni-gA-hs4pDP00SEIEd4NFXGg1hDlIAc3iXgb-WR_cNyv6CnC-5Z3l8gF67dbQ3S0Qdad8d9GuA93xkAsfW1ELEXq_1WYLRgOAO0HlLcT-e7P0dm&sig=Cg0ArKJSzJHe42eWldiYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=399&vt=11&dtpt=218&dett=3&cstd=173&cisv=r20230817.87689&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 22 Aug 2023 15:12:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 679E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B-GkDddDkZJCiEM-h-wbA7YWYDgAAAAA4AeAEAg&bg=!3N-l35DNAAZGPLJIZjw7ADQBe5WfOKrVlQBn7j3clI27m-KoiSlwctJFqpkkeRmYzg16QI3Gxq2_VUNegqMr-f4pXzAKAgAAANNSAAAAB2gBB5kC_HLCJlfefRFwLCVGQYkbHvXSXYscEWcJx9gIr7SVx7WAv8HHfsjdMefGd5Z_ft9fqSf8Or1twLsC1CcuUauYp27Jrm9LAFjwg0aIxjAKXZPYeTORjU97WIxGzBzoCKwCYf46nW5_k72Tx1vIVM6Q8NK82udnNarnHBB0FqY3a1PewzObhiIm_oDxnsYDhRabGMSmO6wkQkTg5WQ6gVXNKEzdizBg52hXzZtsuZ4qE-ykuIWt7gGALEYVYIEvKAwMV4D1Hs1O6PwTipIHsm_LCnlOIdIdt6qWwU9I9ReDURVH3WsZg0q5GCMF9U14llk68HpDioDMyCAerbzf4KG5v--UbGdnsODLO_enB5Gg234oPaTAjM3QfF8b-GQhbhX1sKjTmRVL9dTtTP7n6PJMIAI-7etxDjWiVVkbebl-YNdWvQk8eswWuj1JadCFqapwJMRETJGp9OuEcuFmT1HBp23zaJP0fVw8MOwlyUrVIxnUcKbqwM10qbLF2rzvwZ5jJwk-YLxl00wJo9gdF4bQ2Qp55jbq9iQxec_aWaCijJmcJbLuNhancCs07vOdFjLsPsN807p607SHxuTVIeLLXqPvadPs2PQHGCgbHNxRblnpmyyJnnXWcgFYNdJmp9SAMMnn18NOCasBX0dHnx52SKs1GivalW8MOV65kd1LdkcSsGdmMj2nloUP9oWni_KeSO0evvuGE-t8zaxfeZ9lm-IoQaDj-9EvqawOIknhrJ6FKbdSxQISu2PCDKH7nQ2e2_Eh7g4m6sucHGUsS4N75sRbmrw9tlOlb9Dk99o3ELD1WpzJ52mr1ubxQcX_X0J58VKTugqsusqBUY5okjQPXZRmbT-YKQZWgrFCbHkn53C7Qw4mZxF4_412nmFYrrZx1Xa8Eh86qQeN9kFJ6UhVrvYR33b32kxs0Bist52E7FIay-S2YnZX6016WbXx1rpI44FDvfP6jV6tXDepmXgB_mTP6NqBXeyBpk0LZkWRbOH0dwZKx21R5G4nW5a3
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D8AC 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0b73626834d588ad05f3e4119f9af8370be6029cd8b467442cc6cf0d63786ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5529
x-xss-protection
0
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame D8AC 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:24:56 GMT
x-content-type-options
nosniff
age
78477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 17:24:56 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame D8AC 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:21:27 GMT
x-content-type-options
nosniff
age
3086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 14:21:27 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame D8AC 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 20:24:57 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame D8AC 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 14:26:44 GMT
cta-small.svg
s0.2mdn.net/4528404/1687523402213/ Frame D8AC 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687523402213/cta-small.svg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 14:26:44 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame D8AC 		2 KB
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 20:24:57 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/7108004604515456896/ Frame D8AC 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7108004604515456896/logo-d0d80991.svg
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 00:05:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:40:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Aug 2024 00:05:32 GMT
usync.js
eus.rubiconproject.com/ Frame 56F9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2023 10:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68012
Connection
keep-alive
Content-Length
10116
Expires
Wed, 23 Aug 2023 10:06:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0295 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 15:12:54 GMT
khaos.jpg
token.rubiconproject.com/ Frame 56F9 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D8AC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 15:12:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36AC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgzaIddDkZKSUGda6x_APx-GZ2AwAAAAAOAHgBAI&bg=!b2ylbCPNAAZGPLJIZjw7ADQBe5WfOGQzyy9HUTwoma8Ee8fy5Hvx3_xjpj-jrxFJiEnvKqxnuRxLx0Xk5iWSKYQAuliWAgAAAGNSAAAABmgBB5kC8oRGhmtYtKe-3jdP50nvRGdTE0jGxKq7cmp69uIjz9EscPPfkaeaSfsWQeO3MGDsKRnx17vZgZJp2lijHbOqghY4VWHb4wUXVZUjYX_Ri9tLe_uOh_VCWkbKw3LLO9Xq0FGO7Ukpf-RmBK1G7yQam5glG4l9Yx5Ij_J5f1ubKU4m-7yDBA62XRq0Ghw8N6jpKltXD0oZFJqNbgIl-k1PzIcrsIaYbOf3l-j46dSGRcPMeRnbtI2AiqAp5LUIua7nIq4PKBPEzGPVdP2HHwLLWaIeKgEA_3Y30jiRa_aN78F_uXrz8gsu6X8Ji6IkZ5EIMRUVbx6B1LMXUo0Wi1KOT1nYHTxAyq20Kk-8wDOh797KLKcU7ZtpOxLMEJ-WKRfpgDsbysSZwZl25hn0e26BJw6NNyP1B7QBhAcokNlN3AEpea_TnNg4yq-ruTIdZQVZUBkq_DeO_YSpOcjEgAynxW34hhYBRQtxkRx1A5tlBH7qMe8JHGsQq6ZGens4uYJ_guTNR9efrDX8syErWzMFPl-IlIJqX_5eisosXd7eTiquMbJ6Odpxpt5ERzllAV0opFBwoqB2fAQjz9S7edG16MXyufRUimvcBJb2PCd-AePHs6anF4OvTicY-w7S2vGvTuFIIhWaNbjNm8FC_d3K-RXKKG3ymu_gn11g5g7eaczoKR_3ymqqSjEyYE5cb3ieGFMM-vDGc7Xk9HYzx7j_O8WVCVvulF-KwXIZ1aSjn71q-vFoiz_VRK6al0lkFm5q51X89NioK_riPD78mYb__zOATsMAj2jgEwa5ondV3GHCmWWg8lrs_ADx2x81yRDUHj_faSgT46UI5ezY0-k1MvXlgLq0--ei9tM9fzG3dBLFxWN-nz6IQE159HLhTz-BtBYIvo2T5kPi1ce1rDY2OiArMqF6R7BDhOYF4U4rw50MofSyFCBL71qQijw9OKrH9blWo7yqZltOX-myzXF0gB-Go_47HVpk6391bBGXikOvC4w
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2FB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:05:13 GMT
expires
Wed, 21 Aug 2024 15:05:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 47B2 		829 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cbb56f7cf8fbb4f82fc0a10f49cc492e0b3a6523f5c534bc96367fc456490d64
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5AHEOav8DcSh9x2CMVqZXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-5AHEOav8DcSh9x2CMVqZXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:54 GMT
expires
Tue, 22 Aug 2023 15:12:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame F2FB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
203912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 06:34:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 47B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=3971399167145848&rc=
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame E84C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
203912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 06:34:22 GMT
headerbid.js
served-by.pixfuture.com/www/delivery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: bewab.co
URL: https://bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.22.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Mon, 14 Aug 2023 15:25:18 GMT
accept-ranges
bytes
content-length
3009
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35595a5dfea49749f877210a849347ea6ab499277e5fec8270e1bba3f8bc91f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11691
x-xss-protection
0
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame D8AC 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:03:36 GMT
x-content-type-options
nosniff
age
558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 15:18:36 GMT
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame D8AC 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 17:24:56 GMT
x-content-type-options
nosniff
age
78478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 17:24:56 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame D8AC 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:21:27 GMT
x-content-type-options
nosniff
age
3087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 14:21:27 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame D8AC 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 20:24:57 GMT
dc_oe=ChMI5KLO7sbwgAMVVt0RCB3HcAbLEAAYACDwwe5cQhMIhNSt7sbwgAMVTYiDBx05oQ-3;stragg=1;&timestamp=1692717174219;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 5A34 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5KLO7sbwgAMVVt0RCB3HcAbLEAAYACDwwe5cQhMIhNSt7sbwgAMVTYiDBx05oQ-3;stragg=1;&timestamp=1692717174219;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 15:12:54 GMT
container.html
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 355A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:53 GMT
expires
Wed, 21 Aug 2024 15:12:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame F2FB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6bJVEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 355A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite_fy2021.js
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
css
fonts.googleapis.com/ Frame 355A 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 15:09:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 15:12:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 355A 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 05:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 05:45:19 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 355A 		368 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 13:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130842
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 13:36:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 355A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
80615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 16:49:19 GMT
l
www.google.com/ads/measurement/ Frame 355A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROxDV-8gycih1d3cRK_U9Nm60lUHPMT_Z0RSU4EiQNgnW6aHTbMTCblPngfIzN7CsyAP18
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 8BA3 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~llmg3mfj&c=1008403020176&slotId=504201510088&qqid=CMm9nO7G8IADFQ6Bgwcdqx4JPg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&dm=21000&event_name=first_pause&asset_bytes=194212&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.02&video_muted=true&video_seconds_loaded=8.77&vqdf=0&vqtf=4&vqfr=236&met.4=vfl.10s
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A18C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:05:13 GMT
expires
Wed, 21 Aug 2024 15:05:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2AAD 		829 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5727767939548153a52ecba13f639097f268dba279fd9d72c221feb73ccf232d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9aiS95N0s0vMdMI6LKOplw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-9aiS95N0s0vMdMI6LKOplw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:54 GMT
expires
Tue, 22 Aug 2023 15:12:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame A18C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
203912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 06:34:22 GMT
csi
csi.gstatic.com/ Frame 355A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~llmg3mxl&c=2824008421721&slotId=1412004210860.5&qqid=CMmG6O7G8IADFYaodwodgBkCgQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 355A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
273877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 11:08:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 355A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options
nosniff
age
493478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 22:08:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 355A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1692717174495&ai=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 355A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~llmg3mxs&c=2824008421721&slotId=1412004210860.5&qqid=CMmG6O7G8IADFYaodwodgBkCgQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.k5&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 355A 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B1EMVDe6orqVjknRHPQx6iC9yxH3lMC5g5FLhVvVeu19g2C2__Vd-sgld6uwGc0UjAmm3pFECUqnsO0U1oJG_VOzr2Xg&cry=1&dbm_d=AKAmf-AxnQJYORcGMsFi-YWybRhzYgdzenl_u5KTkXEztr7bf3o36UL6a4BDLxgg5vaoZXxOT_HrX05oREnVohLPF68-x1L4wErl1mKQJWG0pGzOdp4n5WmedxT4ihzqU3jwPJr7nKITUczMc9AAvUTZ4TIplP8tfL0-bWNHS6agt99RwDK1hnv636O0fdA9rbegq4ygV2eZBbt5ZBiwUz_gh-LzdPQbQiN1ayWfLbNppgN5PyFVpOXvV6XWH_GDCnaWe2brirjDhX2CcTvGm-QQciiVnJC8aqAPerZag7Q6PKk2pVDcdMKfy040uZ6mVXcMJjRNW_yI5Xow6DdYTLJUfoFzuOkDOwUwZR_suFcv9CBaBO1XtEU-id0xfXV9lzodjtDaXvNmlldGjd2f1Q9Z3I_6blw6ZY_oHAdm-SKKdGomImb3SlWYtBUAyllKjrVYLpA4wf7GkgaU3lMNTP4Pbj_bB2rcXH7azZ-JZ5XsNjQJOH3CS5MZF7sMEWvkABY5QC-MFBolPIqmmJHEQwccC0zLWnmw4-XWE-NLDCpPvZNg5nUbatO-zAmNIKjIEg01_i1oWSKBw6hXw3sbSscaOens__k-uQaVsP87dZ1jYvfIhXPQ0pPyLFErQSkcfipPRV9byO7ZgNvja9wlwtMMu3K7U6IAqcbDz7wdRzzWx2fcmTx9V1HDFqlYwgcMZgTBoEdMfOxSYFaK08i09tlk6mFDhkxzAy85IgwJlha_MpOPeMihgpA8YkdGxi9yO_367paSERREnI8p4Mom0GHtSKNygdK323HtZhHO7oP8UUOg21Cp3F5EAI1CUMMnHgESkOGJb9ATCBitWGkM-Y5KjiJz5AOGHdMKkXCZUoMWa4DOCxnHbDSLeYqCDQ3EEWCYeEUHwYhOzJ8Vn5ZHTd_CJti_zVKB-CilqlGZOm9VdGYxtWCUCdezBv9MpdpEjsp3MQmTAB5g0Np1VcS5VNlTdoQAK_nVkzjRGSLXTN-qCtlzIFuPSS7dO9B8BDLkB0aNTTVz_yhLHnDUdF3Mt4_uhU9epNKeGjZgsIEYpTbjoiBPHIKpAzZ1LDLKpAjhQhjKUb-TefH3mTG6_3s9K-edlibXg849s5Ze91oLcWJ1LiKRmC60AsLoeJOg7E8t2gMe6dwsMBlCB-uVIXU8NXhhCgh5EmQQgM7XK9a2Iz21d36Rve4hi-gvd8P1bvNgUfVpHEo5KgQ9wzY-8apdDmOyG4AP56eao_AjKG6Mxn42W-ABSAB4isqiCNGRgmn8_JCWEQdlwIf6A5x2taJaCLsbyjPmzqZ3q_MSdJkhkoCneFDOssZySflhYg3kwkvY6fhYkfafgBqsBZS9cnLPIP2cI9Y4n9si4bbjiGu59RPiGRpitiEJ5ormuzn47x4YX_UAg_19b_aUDCfT-5NgWlLBmfN7Pz-_dJUML_TDQ_z6iw4RsMb0aMgDtXLs-IZFxP_scKXBZ8F_jRZH6wqViXnlj5hEMnTfp-mz5NXmPS9NPHAS8Ajdwz6ozT8ANurQA3u-yvDfRRN8yqQX4OQ3xB2R1EQfV8NwWdbxfP_bnrHH9fD36mfHhokNKIBsQ8JAGcTQEocg2eTm1Cd4NIEQeDiK1YX-eNVbwpI4goN8JA_AwzY0_L8vrGdwTYSVN9k5DncZwdJh5KPU6qPNd0EjymohtDgI_q6dj6G56-nrnHXsM2yH8nhRMm76gLFXXVFHDN0z4bG20RklJzQe3rG300MPlimadz6cCKi8etxDEB8OK3Ai0TVbfKS9e8ZKeHgmdD9W_elHWfbu1ffQvjWrg9tnoJPzl-mGtfhrPsCub-DsnqKmsUDUPhUIcBHXfNRBG8RucGkLdu2PDGaSvRhU5AvXlOTcQfp6id2qSk5ObP-XLGGrWpehcMSdhTCOM3RXwlBgNY3g7XTTD437nSEI9rJR5KFWKsqvuZVAjlfFeixbj_z9kpPoLMqkqMYSgt3FWmo9YJAl3rEo8YOqS3BCfGDWFMU6DWI8bKktXS3WfHYj3edCTehGhCcKKi3TYw71TVi0n0bm9StBQZmBrysHNpQfIN459MoW6u0FN2ZMnqay0vXkt9wzUVmpK1MljsXSELyIa7dzD_hvbiRNH40J8pKcWJYHlPaMCVye4lfqNMLarbCs5L8HNRJE-PzJOvF5blYVV7tpyIbzj8J9Q1MTmYeWokubsjshcupYg1W6-8Mfkv1A8ymmo72NHtTsYOnEjIx_ZOMZi0-ZTswZvSksk3t_Oci56659nViGwvuP2ATmIwWpvhjOOPV5SlCoLfVJY9NbX_oAu8oFHtK8lo1R75RtguLZNWE-7wPZqIknX4kqPu1s5GlLLLmGzrhHlzxtg93aAJsTTypjvOfUapBrMrtfiMfLz_984Z-PjnCzvb3muoza6xVbgxsw17Hr5cxL_a3RsCSWeLH_BUB_aIIfcWwvFIDcWA2bYarXfCe_Jicww5Ua_tOGQW8w2hgzkgx14BzXoPFghFFEyG6Bdvjzc2f8WLCsMm0RBGgMrOf40Ko4nib0yRAb9AHaJcm73_B5QUer-pDZsp4Suz6T4wKIAGNaLvI_fQH9ZofcEeAo7BfgTKGpp0vBk-96uFjVJzcbwFo-auvbcxvZMP6IajUlgXvdU9FCcXueyJQh-7bNtbYQiezm4AZDNWB40C8Nul4TmyZCUZpDVq3jWJaj9-u1QUEpUHT2rY1rJThEhSRSaeF7V9CR7nFEjXxB7V3lpLx7pJJ4QqxWwQvCjMDix0Om-fr7JzlySd6hwzOqV21EszY3Yz5V8phWgG5KofXTgM4aB_yXVVW3uIyD75TEXKjKzMJjuWCDn5l0jvuIY7m4nv9Jg23HAdxdTOlc4JXeegCwqybpDb0-s4TMeLM-6KGZ1xrzI4aefTrYYCoewFh0cShv5y69EuKzGXqiEq0NYHSQHHCu-i-92AHBDfE82GBV4fSXeGaMrRHwHtmwIWDJ7bHVnLRQerRW4VjC1N7AjBur_8s9Av7PMmQDWFnymS0LnCUSlmHRpUL2tru8KXMxdUDP1aAa6d3esVz1pD9tsvEdBrANPAFgw7oVWkSZ0szFjHYWRVtJSEhhgjt0mS_0sDbUoR6-ebrJ69kYiIOSbGHZ936sUJ0ya_qozNTZZWGj4C937G5A9O3YFInNtGFx2zQOyESFhYEJCRa-HF0wXKrRLqkyw1kE0vbRuDtjkWx59cpQoWD0NXDEO4cW3edWPAaRXqMgjFEcumRSNRahVTQmUpyWkcXtNMvJII0zX2aikGhfUDGbe8tXKGva5Sz91m3cEXenmWcr5knx6tr_2Ufu1ewGLsEQOgBHAhwAXjOba_VAplfdbtWUw5r3lh7dzmKQuYnDI2G74n1ZskM-1QLwL2KICG4ujN2zRRch8sCIQ1vcDvXjvJONzdRWZwScCleeuWV6Z8GJD5i-0iM1DZoe72re2zxFEikTNNk9oSB9fQOUUwZTU5Y_4M0NosklnEd3fq6iXZTOUPgx2Qlno4tV3GdqBEDqnqMGdPOcXNw1dqFbE44asW9_NuulMQ9MOFCae1Js5qWxV6fnQElahf6BpPBSNaziA-o3qJe8KMTtu8IZfg2spreWoa1UYwLji_imXn0o3uLMjIw&cid=CAQSPABpAlJWcRGdfygmSoqPrjWiCPqUFCJSnXMUOYMQaLwr8Bsj7rjDCtnsLQMvByUFj-6Q_aOeqpAVEQ9JIRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f156.1e100.net
Software
cafe /
Resource Hash
4658ea25e50b7e54308130f0954623461ee7a40e140f7d5e14944c1e7fe5d53a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16572
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 355A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e748bb356c857acdd8455d5ad749a5072f693414f663fca0a08de1ee48e1b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 2AAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=3284829471672563&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 355A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~llmg3mxw&c=2824008421721&slotId=1412004210860.5&qqid=CMmG6O7G8IADFYaodwodgBkCgQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 355A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 15:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 15:06:37 GMT
file.mp4
r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 355A
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60BA9FE0205C13FD6BA43E13E40FDFFB6AE5E84B.EE6291D10315ED4C50A676B36A11F2A8C1485F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length
2762021
last-modified
Fri, 09 Jun 2023 05:04:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
null
expires
Tue, 22 Aug 2023 15:12:54 GMT

Redirect headers

date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
652
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
location
https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60BA9FE0205C13FD6BA43E13E40FDFFB6AE5E84B.EE6291D10315ED4C50A676B36A11F2A8C1485F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 355A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~llmg3mzx&c=2824008421721&slotId=1412004210860.5&qqid=CMmG6O7G8IADFYaodwodgBkCgQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.m8~videopreviewvisible.ma&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A34 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEpRic044_on7o9p_lH9lOdnqUCSuVBOCjnv5E7_Id88tRBHsBPqVya4U2KQqP7sABvyzr3o22rh2RYYsyH90nozsKrqgv_xcjC1spwtoMuertw1tcgFc7aHcC-4_mKXfJlJX02TO8QctG&sai=AMfl-YSj7yRmeGme3N7wj0WJGkb89XmvjuDUVGE-UKBLrMkTh75N3ZcDWVpt9B8KgEmcB6rm5zcQhM5RO53-kO6qh7tCmYOyZ7igoOgqCAIu41K9tVXErdKO5wcRDtRQljhhX6UocWX2gViQkwri_A&sig=Cg0ArKJSzPzlOwgj3lbQEAE&cid=CAQSTABpAlJW0JNIFRdHfUWD9jkRm9KfMnrScoCEngHHiThpYINBRH1ibksEjA1-k4CrhEQF3VSIBCV-eVvPUQV86E1OVXbCRbm8FErhCAEYAQ&id=lidar2&mcvt=1003&p=1100,640,1200,960&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=612636109&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692717173203&rpt=381&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_v2.js
cdn.pixfuture.com/ 		55 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2bbbb5c5f4c4757aa651d7d97109fcc5309df91c17b2ba54cf34db0d0c3f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2814
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 14:20:13 GMT
server
cloudflare
etag
W/"64d24f1d-dd7e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLkAJB13T%2F0%2Fo60tyqLqn23LvoFByyv4zM3q6w8S%2BPDWlJXh%2Btmom32yM9etE5y2OUG7Un4B14yCQ2sNpz9EDt2Xk9l8tTfYiiLfWuQtMBpWkPu2NGtyyyckPnGH56YDVclbbdcVHIxflrStkhi%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7fac0e857e45694b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 24 Aug 2023 14:25:22 GMT
headerbid.js
served-by.pixfuture.com/www/delivery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: bewab.co
URL: https://bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.22.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Mon, 14 Aug 2023 15:25:18 GMT
accept-ranges
bytes
content-length
3009
content-type
text/javascript; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 05A8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCEpXoXx_M_5MLM8uEqY4ZJPI4ZV4lJEubxPL1nMuXYL8xsMwSu2HCbSJP0N4ZLSA5vNUxtgMhIpMpqvU7eGHnHiRZ4fhE2EcZxAuq_t1KOXAsgNtYmuWzhIQ2xMmGwZY&sai=AMfl-YTdixjPsht-wdnoKzHgQXLWZBAt-BnpJBiBeJ_SHVeKLsDWMWOfQNGRNgHvxA_HtQrekpjwEb1aLIpudEDQpxVcd-yvzwTblAl6s4cJDFj-maUJF5vJ1gxz451e0Ul8T4VR4LSeQG7LI5a9&sig=Cg0ArKJSzNH2RnS8iLEwEAE&cid=CAQSSwBpAlJWx6meWn0wSjI1GU-W1GCEiSc_OiOInTW5CzjyWvHxMI1jvIfGja6uCK5E-rjYNOw7ptEGyZq2lXzIezNqddfje-ehhYdIRxgB&id=lidar2&mcvt=1000&p=601,261,713,1339&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=503788297&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692717173237&rpt=356&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A18C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1ksAKw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3CC5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
589259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 19:31:55 GMT
expires
Wed, 14 Aug 2024 19:31:55 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9603ca992294eae32f0dc6f0803db2384fb4bd1aba31359c45c22d68da7624f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29456
x-xss-protection
0
server
cafe
etag
548 / 19591 / m202308170101 / config-hash: 1333500184187641948
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 15:12:54 GMT
pbix.js
cdn.pixfuture.com/ 		396 KB
397 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1899
cf-polished
origSize=406706
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 19:53:47 GMT
server
cloudflare
etag
W/"63c99fcb-634b2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJc5tPMAf4lBeDiAZpBQlZht2yWU%2F80VIuAfa2faYoEuzpNOSr9Aul8Yu7M65bMNJtbZcHJgbMR4ZClT05YI15tf4cqC%2BL0cuCbRI3EeSk7sZzahI8EmlZkCUZwjSB8XRjM3mM%2Bofp2CVcxIhrcp"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
7fac0e85defe694b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 23 Aug 2023 17:40:21 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame 9124 		933 B
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7b2658feda172c9f2eeb30c6de5b131956849f8211da2411bb43c2ce859dde

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7fac0e85df08694b-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqIoicoGRUnc%2Flnz%2Fk6zvFCISJXcQmq4OlZ0APeZy3ytlzOq4pnReYuuZozzCf7E5ecVbzVUj9O9tuM%2Fm4T9ZsJJL%2FJXyJ6YJzFJb2oBCDUQxeb6us5h4sZ9tWLgce9bLhjc9r42W0vjBihoT%2B7s"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-70.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=41554x320x50x7144x_ADSLOT1&keywords=bewab,web,articles,protocol&refUrl=&refresh=false&innerWidth=1600&cb=1692717174690
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
2cd7b175170604bfffc755a51456abea6a1c7a9d44c9e71f51cf7ac024ad90b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
file.mp4
r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 355A 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edndz.c.2mdn.net/videoplayback/id/5fc24371f28acb61/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724253174/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/60BA9FE0205C13FD6BA43E13E40FDFFB6AE5E84B.EE6291D10315ED4C50A676B36A11F2A8C1485F/key/cms1/cms_redirect/yes/mh/Wu/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5edndz/ms/onc/mt/1692715610/mv/u/mvi/1/pl/29/file/file.mp4
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
eb489f28bc837188b5621aec657109294eff23ab6c2c11e8e66b899611d0d4d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 22 Aug 2023 15:12:54 GMT
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2762020/2762021
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2762021
last-modified
Fri, 09 Jun 2023 05:04:47 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
client-protocol
quic
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 3CC5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
203912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 06:34:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7RmYddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwGqBOwBT9AWp5WWkeKHsJorfELCZn1v8CblB73INTozRwcmGkiwzk7JSvmuxfMlYeabm7apGzDfGyllZVI8Lw0vhzagZc_SdWnqv4btToy1axHyaJC3Eapx3IZ4ZHJrIXE_Gr0K8zd-Xt7fU54ay1cnz3mizmB9AMql51m0KWkncdsdgTt1i-ML3o7WjzZ2VneFkkjRu2Au-0GhKU6_Q0uxOze4TTOv99YVZdqe9mfUtc4uJTNjQBdQPMP2aYUHmdy59CpCPpwSScvhmQ-U7DEGOOPzv0ejPdjDaKfqDkTHXeAUimekvgFyGIbAe3M4OCTABL-H-_CCBOAEA4gFiInmk0KSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_fTvcADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQtZ4KGNa82PEB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAbATj_G6FMgT9pjr4APQEwDYEw2IFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzIwNjQ1NjU0NjY2NDE4ORiTons&sigh=COCNW6y2RXI&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWcRGdfygmSoqPrjWiCPqUFCJSnXMUOYMQaLwr8Bsj7rjDCtnsLQMvByUFj-6Q_aOeqpAVEQ9JIRgB&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 355A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7RmYddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwGqBOwBT9AWp5WWkeKHsJorfELCZn1v8CblB73INTozRwcmGkiwzk7JSvmuxfMlYeabm7apGzDfGyllZVI8Lw0vhzagZc_SdWnqv4btToy1axHyaJC3Eapx3IZ4ZHJrIXE_Gr0K8zd-Xt7fU54ay1cnz3mizmB9AMql51m0KWkncdsdgTt1i-ML3o7WjzZ2VneFkkjRu2Au-0GhKU6_Q0uxOze4TTOv99YVZdqe9mfUtc4uJTNjQBdQPMP2aYUHmdy59CpCPpwSScvhmQ-U7DEGOOPzv0ejPdjDaKfqDkTHXeAUimekvgFyGIbAe3M4OCTABL-H-_CCBOAEA4gFiInmk0KSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_fTvcADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQtZ4KGNa82PEB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAbATj_G6FMgT9pjr4APQEwDYEw2IFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItMzIwNjQ1NjU0NjY2NDE4ORiTons&sigh=COCNW6y2RXI&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWcRGdfygmSoqPrjWiCPqUFCJSnXMUOYMQaLwr8Bsj7rjDCtnsLQMvByUFj-6Q_aOeqpAVEQ9JIRgB&vt=10&cbvp=2&vis=1
Requested by
Host: b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
URL: https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 355A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692717174748;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE&sigh=hYwKDNnyrJA&label=part2viewed&ad_mt=8&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692717174748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 355A 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVlA9_n1VSYngLEX7J_5Qo5QstsJz6MQm7qdndiqfXCFSYcuoBkJQMXFUDItMu7SyNz8Abr66lyVeCdsWLYdWJdJJ1TMtt5W-QxBbJyb-5eKzKEfYxyNcYtdkkeOQIOPbpADm4XUp8FElr6NKDoycCGkQaWa4fbvrH7Fk586yEfd0gc4dwkm3kJ502iDa_z5kL6Xk7p9Ybn0ftaTgH-QhnNSxzERihTEQKBZEL8jycBY681IBbOcChr-MT0d8s2TckizlDRB785CA14-1zgoWlnISPXyL1jL4EIm70r2kLmvYXqLEVfOCFmEyKrkWqj4JzZCzhn7eLbVr_5eD_sLyCIS7_88QpzVixuYoeEsCAvZp3DnLSkPg6VunvL4RQnVs_JQkPRWLhwjPEvLSZciDk4vpWklGMzV7Oo45JGAW8jlmnjfm8G10u-CJlwLb_Gdlk9tjqw4LTzxAP8ZP-OGfeiBRGHs8tOwGWLZqIhKP-5aitEbNnJRXxWyRJULVTis4Mudg3Z8_EwPRQ7LYilYjkcq17HxOxb8TvqN9nQqoUJ0y6TyTOVbDCrR3aiDUwzLyMbx0CsTn4ZG708MT595fP56PROzK3VCmxg5o3FpIHz1vqBm3fbUZ7CixpwMjH45QqaTl9TH8cJJ-yeqEmQoJo0UW-9fcsVIn9ShJVSjrFDV22x2BPTBCEwS69LaMbbG6Jq3Rtn3FuGRwPajAsnBuKqFZmfbagAtQoQMakdc9HoToyucjTR1pUuRd5pajdS8PML1BGmBKVmmMWJUwKqrSJEk1i-PIQ2Lr5sVO52GPWBui2Z3klykgTHznZAbqIrqD9YUJfOfnSuTCknbAN2wne7v891p8Tb12fjR2Lp9Vw7ZLIR26GLVSdqk7obifOJTy8AxGz2AEyBTFrrCUVAa8FGe2Fq70UNMJPPVYsbBYJYwTERsbihV_QYn26OLBsG8fuISNp60zG9wgk1umbSbO_f3OjhGotispwySGFp7uqzK3LJZOc9BwdQUX_yxtUod22IlWDdEJpa7IrxTdv_qCFPchIsgMswh7n86GegEYHV67hJ5ragMHMn2_ZyVwhyDXmtXwc2R_sU6yx-DfOJK3fhrJYkni08YtOlpdP7zTkd7X0rGaclEj1gKso4AcquwCgxa0E3D8lc8Rc_w&sai=AMfl-YRlMq7iVR9kOnCUXuWWewmn-dNg5Gi9N_GBd_eLoxXB0AjuPoLKiwTlbg-6SWskdygNOVJe3FCe4UKzuPMVWiFLArEbC3O_344CgVXYtuAhKj-IBImm6LmwRc0CYEanRWPaanLb6v2NXSuV7IFQ-dHzn48a6XdoBIV0klIz96695-plC_HVJaf2sivcglWYFaWQHYCA9wwS59NQdzCtxOQfp4ZYEG6Y1Q0c8Ubd2M8rrK7bddKJRD4eEPLwcQkSZ_YVNtI&sig=Cg0ArKJSzI2S5YftsBDUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 355A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjWvNjxASABMAE&v=APEucNU6efu-i1GbnlC_9hV2YmcWegza91L_jGyojp2qGTwuv8jczu-QfvtdB7OihVYo4IpGcw9fdZiNh1ZMJCoFLr9032fpSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 355A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiMjdwVxzJuAZ-K5d5pi-SJrJ3K26u5_yNvotwwWxB3z6gF1JUHuI0XHbqaAbR3IV1sINhrarhf90j0nJsvG5pyPZ7VkxmoT5p1l6sXAiH_6gh3r9j6yT8QvkA7mFVbRV6ye3KLMNkXjNx&sai=AMfl-YQZsDLnv2WgYDiqardBnr4EGWbGXqLdpJ_sv9_XkeN5demLopIuAvBE9tQy4sJHIqgZjymevNF8Fr_IHKBeNAjYOX49yYBF1mMlPVKbcJK8oNLicD7EYNXvk8x0&sig=Cg0ArKJSzHL9Kli81dT0EAE&cid=CAQSPABpAlJWcRGdfygmSoqPrjWiCPqUFCJSnXMUOYMQaLwr8Bsj7rjDCtnsLQMvByUFj-6Q_aOeqpAVEQ9JIRgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1692717174748&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE&sigh=hYwKDNnyrJA&label=vast_creativeview&ad_mt=8&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D21418%26vmtime%3D7%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1692717174748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 355A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~llmg3n00&c=2824008421721&slotId=1412004210860.5&qqid=CMmG6O7G8IADFYaodwodgBkCgQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&dm=21000&ple=0&umsem=0&event_name=first_play&asset_bytes=186228&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.r1~ff.r7~videopreviewstarted.r8
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=41551x160x600x7144x_ADSLOT1&keywords=bewab,web,articles,protocol&refUrl=&refresh=false&innerWidth=1600&cb=1692717174807
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8866873b1c30b2b38229419bb34353aeb1f5910015e12494cf78984d6062ddee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
headerbid.js
served-by.pixfuture.com/www/delivery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: bewab.co
URL: https://bewab.co/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.22.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:54 GMT
last-modified
Mon, 14 Aug 2023 15:25:18 GMT
accept-ranges
bytes
content-length
3009
content-type
text/javascript; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 0295 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2kJbAkme-xTRkNh5C4hPi60Gy1fwwGF1qITnFIfBaKLIA11P4qz38d90hFRlmRkZpAfcTbSl-3MqHwnPOl0toEX5WeN8hJaou7_q0iUiG0BiGzqNxx8gCc_OaVwJL&sig=Cg0ArKJSzLjmtu6fOsjsEAE&id=lidar2&mcvt=1004&p=761,988,1011,1288&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230821&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=726961924&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692717173482&rpt=402&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CC5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BGEyldtDkZPXzH9ChhcIPjpSd0AwAAAAAOAHgBAI&bg=!V1SlVBvNAAZGPLJIZjw7ADQBe5WfOLBuZm3ksQa6owl4slakTy1USfFiRDFn9GGR8wUFPV_rF8Wkaf5sdSGp7j-IYA8hAgAAAJFSAAAACGgBB5kDIm-xl8MZVYLufsdFN2q8KoHVG43NNBizbKj0t7uLgngAgPWEfOdNXr-8vraQQF_SVBI5Qj4rLzEmzqNjIJ42gTRTzYkKjJ8QeDD9n_rDXdIJRg_IyopmY2FKP9x6QDgynRJ66I-woJ0U9fP9NwtHj6D7xu0aaSPnWD0adpXhQQod5jA8pydkhxj4BMHuaGTvc8yk1kj9h-p_75s_WS3nFXSZHWakR1afNYtkN47PuJcUcmRBTfd1Um3qNCE3MqsCsc3cugYlb-xR2RsqBYfK9kOvwYFrv3VHc9Z0cNAKFZWfZuW9fumF9tRGDJjHuT-rF0gbyc3Rhiwgx2dQbh9R_0su3GbK-SnN-05JnFtPRw2Bx1l7kXn_r1VajseebCwTNev1SJUz8yNH7KZON3Z61aL6cZluoY5CMY3mIeHrwZLI3I2pXcTavngwZyPLpK8fbRhtdlr-qQYsM7RWhONGcIf7ShMBQ-5ip59J1BgHem0LcdyHkYLvKAZZQqHHMEpgeddJIdlKbz331XfkC5TmV2t1FISbkJV0usRE3VXs5dyWDR9H27TcqRD0VvTnshi8_m6wUs_ffG4BPKGM8N3Q_yAttUZkqu6v6hwpEZINvBArbHVY5dW2heWil1ElvyRaQUaw94p77apwkFrQY60Qq5LX3NksPp3PMYyLEPz8CaRp6EPKEy50VQUCP4Trpwqhn4tZKdrxJ3GP23JiQggokpJh_p6Oj9QyU2jvQQSx-s-Kz52WquMFc7ZPcCN2fAYyFoci-6e_F3AFwzdN3kqunq-B1KmrZngLp7Q0AGii3-h1D2sr5eAV-4veY3xAUiQIBn46iVKKG7XJEvK-YtOupjsL1DP-wkQUcY6WtY1EiCg0qkem3F89RmLNTYkAGFzNSUzf-MJoe7pK7Cp4WkZmC3d-vf063RuBo4t-qOv2DPFwwQqhma2JrVzfwn2ZU1iiNsPK0PTgVbN_2GS80oKLm6HCewViWH5fjuB9yE8urVWZGKL-kD56E7DFjl4oebZdBlHFa8I2k624qwHAgnTVae0wJ8WZqVGrTUmGoEUDKXC5IVE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0295 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=3971399167145848&bg=!srGlsf7NAAZGPLJIZjw7ADQBe5WfOJ3SFfztH29D0JZ3n0Y2h3Xc-Xr2MhWnWXdMFdBX7nwc4yDbF5Sny000CG_QtxvcAgAAANFSAAAABmgBBwoAW4y5ynoFU9r8FVM4LLADGGoHfyl-m66UaJQ-VFuh9VOzX-PFapIEBiBGQA4WxckcO-hQo6LvjAeAlQFo6nKcGYC_DrnwTTq46EKjkQnq-_WoJD0qzZDIOh5NMfuZAscraCR1I2kPHgf_rzlLzkK6mebxTmYZGB9zk6qBOVRKCXRzkXpVRXGSan1QiD3V79Xb48YBkKQqhS6cZQpgRaV47aiUQGIpoyCqNv6yXJVDPRJBee727KhihBBpxjCG_IhBIN1RrhmimIXG2dAkQjknVvWCe3usygtV4e3vLfGSNOOSzBVQw1a9Pgz1fXXm10oI95fK5AOK3DuLEh7dDcZazguNiSN_VA0nzuEVaAsOMHvYKTC5Q1Y89dJg0fKII_THMUzcQhx5XwPeICBBvgK_favNPpzv_qEyaOZHT1huayqRy5gOzS7fPvvJSqvSC6iTd5vH0wXvIZc7BOwKj5LiEuObz16IUHo8rE-GAxVRg_s-Dkds0BU0mBOuxzwvxiBAs_XPPB7Nb8hZDnWgepNjNh8UgNSo1aH7U-Wj_fxSUK0lPWgFv7k1syTHLg2LZVaCxJIMFM2d2ZTiKRHqDof11Zy4ANIxYUbAYfjRitlas8P4fr5dO33SqiPkt-EyGXnxGJNk2HKE8aohsupnrJ58hUQmXqpBirDhzsfL_h-G6cnLfZlOtRzUzJEHLZu2TIdejmDw8XP7YgXSslEy4ITcuWEHRML0vCU4GOdwlWtgYSBndNN1TMfNU_fVcot8yTJP7i9JxxtD6Cs8tCd6TSRhytx-QxL0AsTvw3wyLBcJVbA4bkYwCSCjb46rxdYgO2Isl6PjcKAdLsvRX4autnaEx06nyqegsqXKKKrd4f04WFGE7NQKN7onBhIOWsRlcQ7pbfAJ-0o_Yl4w219PdHYtsoPCEqTJoktZ-nVx0v9W55kwpYOqvpStgHZr6pooAkOnQH0mQJGk2B79NRYmSgqhdTu7kjTCxMuNl2itH7VND_v0--AYESTmH8fOhZFgeCsqZY90v7dX9WOlxP_lul63UOqG_PTgm4ljDAgmAO4UJz3LBKH6RyQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=41551x160x600x7144x_ADSLOT2&keywords=bewab,web,articles,protocol&refUrl=&refresh=false&innerWidth=1600&cb=1692717174946
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
44063b3ab01f27c10689bc9a95378354846eea7a8f4120db6af7af32e6c24a68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8003735914450&version=m202307240101&ct=76&x=1&cor=6398770887915769000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ Frame 9124 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7fac0e880fcb18e6-FRA
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbewab.co%2F&domain=bewab.co&bundle=gdkBiF8lMkJOU2NBNSUyRkdCY2J6RUtnQmNSNERsaFBrOUtVT1RJY3lpa0NUaFBLOEZ2eUYzbDBsNHZoVUM3ajBuZm9jTlVoRTNZVXVLMUpvOUxwbHp3UTJJZFlWUnFTSXJRbDdKRmpmVklVcTFMUHFFTURZdFdMMnplTnV4elV6TllZdG1SMUE3UEdhRHBpS3NNWjh3YlFmT1RFYmR3JTNEJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bewab.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 22 Aug 2023 15:12:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
193962
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbewab.co%2F&domain=bewab.co&bundle=gdkBiF8lMkJOU2NBNSUyRkdCY2J6RUtnQmNSNERsaFBrOUtVT1RJY3lpa0NUaFBLOEZ2eUYzbDBsNHZoVUM3ajBuZm9jTlVoRTNZVXVLMUpvOUxwbHp3UTJJZFlWUnFTSXJRbDdKRmpmVklVcTFMUHFFTURZdFdMMnplTnV4elV6TllZdG1SMUE3UEdhRHBpS3NNWjh3YlFmT1RFYmR3JTNEJTNE&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
229752
expires
0
f
fid.agkn.com/ 		0
0
prebid
id5-sync.com/api/config/ 		135 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
1d9589136856e9fa3302e22366121ecc44c06dbee390f9cef2acce74023e81e1

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bewab.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 21 Sep 2023 15:12:55 GMT
seg
secure.adnxs.com/ 		0
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/seg?add=27578847%2C27578847&remove=27578847&t=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
an-x-request-uuid
37301b0c-07d4-44f6-99b9-eba1bb20ddcd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
cdn.pixfuture.com/cdn-cgi/ Frame 9124 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7fac0e886a6a694b-FRA
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
054fdabf923823ad13846b5c82123680df2d97864f5f1aadf6934ea7cfa4e2c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cookie_sync
prebidserver.pixfuture.com/ 		792 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a61544bf1f5f6c8aaf3930d0f753c2247791c5bf0941c359573673da05b68ce8

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
792
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		175 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
534220b4f3179db2c286849d8c96dc052b279e5379fd4f27f8ddecf0579b1c24

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
prebid
prebid.media.net/rtb/ 		338 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf18cb5b3f858150a1cabfdbfe8342c3e7c2218065fd9b55384cfadbb693f610

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bewab.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 22 Aug 2023 15:12:55 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bewab.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a92da9304a9303782c25147a1dce9f4e6eaf5a355d7b46d711cf252ad563edad

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://bewab.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
btlr.sharethrough.com/universal/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.141.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-141-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbewab.co%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=61f4467a-a137-41c6-aa31-ed8634d90c8c&nocache=1692717175185&pubcid=5afaae23-7d3f-4f70-841b-e49e860a3118&schain=1.0%2C1!pixfuture.com%2C7144%2C1%2C%2C%2C&aus=320x50&divids=41554x320x50x7144x_ADSLOT1&aucs=&auid=540580841&tps=bXlrZXl3b3JkPWJld2FiLHdlYixhcnRpY2xlcyxwcm90b2NvbCZteW90aGVya2V5d29yZD1iZXdhYix3ZWIsYXJ0aWNsZXMscHJvdG9jb2w%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5b8010828c6ab8fd130895601e516bfb4e5c44ba4f87945f3f867a54e24bb5b8

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://bewab.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		383 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=43&p_pos=atf&rp_schain=1.0,1!pixfuture.com,7144,1,,,&eid_pubcid.org=5afaae23-7d3f-4f70-841b-e49e860a3118%5E1&rf=https%3A%2F%2Fbewab.co%2F&kw=bewab%2Cweb%2Carticles%2Cprotocol&tg_i.domain=bewab.co&tg_i.cat=IAB1&tg_i.sectioncat=IAB1&tg_i.pagecat=IAB1&tg_i.page=https%3A%2F%2Fbewab.co%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=61f4467a-a137-41c6-aa31-ed8634d90c8c&l_pb_bid_id=18a1ffcf42183f7&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47472518853147294
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6101ffc555b5aa289fa5fb81b7f9827a476f2c97e32f583f7b2f55d0acf4a700

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
383
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454:0:e082:abff:fefe:d1d2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
63752a316c0a0ee94f36930d4b559a658c2286dd12a061637044a8ddca1c5bfb

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://bewab.co
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
818
trinity.json
apex.go.sonobi.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2222a2d5e7819b247%22%3A%22277a716b3c3b01668abf%7C320x50%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fbewab.co%2F&s=f0cbdff8-150c-4085-8859-84b00c28e56b&pv=19798ab2-bfb2-4432-bf95-036d21e7b2dc&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22bewab.co%22%2C%22cat%22%3A%5B%22IAB1%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%22%5D%2C%22pagecat%22%3A%5B%22IAB1%22%5D%2C%22page%22%3A%22https%3A%2F%2Fbewab.co%2F%22%2C%22keywords%22%3A%22bewab%2Cweb%2Carticles%2Cprotocol%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%227144%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%225afaae23-7d3f-4f70-841b-e49e860a3118%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225afaae23-7d3f-4f70-841b-e49e860a3118%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=bewab%2Cweb%2Carticles%2Cprotocol&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
73f026758bcc856339170fe8ccf2a5011d15f9e83942d33436b84682f8306bc7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-165
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1216
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=3284829471672563&bg=!V1SlVBvNAAZGPLJIZjw7ADQBe5WfOJ4Dxps7X9xlV-q6OTaC_tk4jZqTYMFJlBOwlQI7NQus_KcQ_T_37VDE2uOSQzVLAgAAAJZSAAAABmgBBwoARgsjDyLYOQLER21N476fYFJq4KKluGJxtrBecnVd9NBj1FJr0rbkxypj7loMbgo4ZdQUMo8-joxFbwN6icazqz1UKlGI2kaZArdCdXxjOW7hvM21nSsZkpFxvbuSbiI49i3jdjRV7SWCtypvfRljXZkRrd_lico7KIjDfOvuizUdzaPcy9IoFvFe9_iR5KCRtiMF-sTJNcYJhdXV2JZprnHGI0k-d0lx2u55Nx4ayVYaPurM1-73c5yBC1zSs3FEa0fefJno0NFEzqsLxCal9L9ziAPGZ-TkmFnoxEhERG7WJfhA400KXQYh3QU1UT-rJ0ESOtF1Nkt8ODixVlZffy--A0b_ae4pEs68KXbB4tiNCMZzu4hFOTP6RKwo-fRf7H98igysXO8X7-RqlbJcbtvV97HdF26BmG6RvGzOC0o6XWHgLBVwMUvI1avg0KBJWionXFd7SLUHks_LguRjNVMShQoXX0mIo457Oxip0FJUZPJ5-R4tyyrZCKlG7Cuel5BuFsbllWJ869laczsKe7HSeHFB2Rwhpk-6TOzsyARpwtNDp73u0pFZ5_I1tZU8x9f3zi5C27OXWClsKtYUL9TgRFHBUQxJViGS6gzPUZaVFWtzO0mgj9slsnEDUbPF69IEfho7pdwFojjWsVzYAlKzCgMOenzr_Iq65sorPWYMB5hfbp91dGcvzB8_h3PxKkopZVpYsSNF0HM1PjAzleMIpnJXHoe9xkg81dEmQ6-WzyWBG8iTSoz0Hu4wOHMBQRO7Wh3olMm9Sh-xmEdabJyFW_apb7jZrKpprVFr08Rf95t5OaBjFTAcxVXIBwlqMZ6tPSxFFJIGFy7TUG-yXetGTnpKicl9dELdTl5D3AADUG60Ef9pH6KJ49NuKtETQDMB9qyUSKH0-2Go5wLl2jjQjeWStnrLNjYpMzEAJP52_H6VrwjgdhVB1PjjzSYHvrwCfVeZs66fbt74Vnu-vT0PSNhOS9VoQcIfGHzwGqF7Dg44UqKtVDeDqM6kPXrLLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
529.json
id5-sync.com/g/v2/ 		276 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
ac1950bdeb5f114cba1f9440c556f7dcb39865483512ebfdf6ff374ff05ff931
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
auction
prebidserver.pixfuture.com/openrtb2/ 		175 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c844ea3a4e9627e888b54efd92fc648130a8a4bc6ae5e29824a07343639c539b

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.141.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-141-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
trinity.json
apex.go.sonobi.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22370663e7071134b%22%3A%22a80d3fcd27f269e57059%7C160x600%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fbewab.co%2F&s=1efd9444-bd2a-4345-a7d8-b4c9bf587985&pv=19798ab2-bfb2-4432-bf95-036d21e7b2dc&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22bewab.co%22%2C%22cat%22%3A%5B%22IAB1%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%22%5D%2C%22pagecat%22%3A%5B%22IAB1%22%5D%2C%22page%22%3A%22https%3A%2F%2Fbewab.co%2F%22%2C%22keywords%22%3A%22bewab%2Cweb%2Carticles%2Cprotocol%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%227144%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%225afaae23-7d3f-4f70-841b-e49e860a3118%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225afaae23-7d3f-4f70-841b-e49e860a3118%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=bewab%2Cweb%2Carticles%2Cprotocol&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3cf7508697d20aed7674f1be23c3f1c7671afb9d6d9bf5ded1521c8f3397ef99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-189
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1207
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		382 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=9&p_pos=atf&rp_schain=1.0,1!pixfuture.com,7144,1,,,&eid_pubcid.org=5afaae23-7d3f-4f70-841b-e49e860a3118%5E1&rf=https%3A%2F%2Fbewab.co%2F&kw=bewab%2Cweb%2Carticles%2Cprotocol&tg_i.domain=bewab.co&tg_i.cat=IAB1&tg_i.sectioncat=IAB1&tg_i.pagecat=IAB1&tg_i.page=https%3A%2F%2Fbewab.co%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=514d250e-ff29-4ba5-aa86-791f32b6e22e&l_pb_bid_id=393e139b80377cc&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8541348628956773
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5d1bb4799403d6012b3bd19e3d43506d76135deb05e9a61cb5690ddd8e43952a

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
382
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		338 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d23326872ecf307e6d927795a4e1a4f84d0eb2ad7267681b429f66c687e0cff2

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bewab.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 22 Aug 2023 15:12:55 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbewab.co%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=514d250e-ff29-4ba5-aa86-791f32b6e22e&nocache=1692717175256&pubcid=5afaae23-7d3f-4f70-841b-e49e860a3118&schain=1.0%2C1!pixfuture.com%2C7144%2C1%2C%2C%2C&aus=160x600&divids=41551x160x600x7144x_ADSLOT1&aucs=&auid=540580839&tps=bXlrZXl3b3JkPWJld2FiLHdlYixhcnRpY2xlcyxwcm90b2NvbCZteW90aGVya2V5d29yZD1iZXdhYix3ZWIsYXJ0aWNsZXMscHJvdG9jb2w%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
336ed034f793c16c4ff629529daa259667d7eef2e6963ec2c34759c48ae3aca0

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://bewab.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		23 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0e1c641233311962fb29932594790717d9c2b1d8f5427991fb6eca127fb87b21

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://bewab.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
v1
prg.smartadserver.com/prebid/ 		171 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bewab.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6a1d4dfa48928d1c3a4af6d9dfdb7cdec990894056ed115ddbaacda3acd700a9

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://bewab.co
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
834
translator
hbopenbid.pubmatic.com/ 		0
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebidserver.pixfuture.com/openrtb2/ 		176 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f92b65e584c806a73e5f6c977ea25acda30b61248d2ff9ef6ae0f5127df5695e

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
v1
btlr.sharethrough.com/universal/ 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.141.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-141-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
prebid.media.net/rtb/ 		338 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac1cdabac1764a0230ff8cae64edf9f287f0d7c7d88798e43a07d3c1ea0ff095

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bewab.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Tue, 22 Aug 2023 15:12:55 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		382 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=9&p_pos=atf&rp_schain=1.0,1!pixfuture.com,7144,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=5afaae23-7d3f-4f70-841b-e49e860a3118%5E1&rf=https%3A%2F%2Fbewab.co%2F&kw=bewab%2Cweb%2Carticles%2Cprotocol&tg_i.domain=bewab.co&tg_i.cat=IAB1&tg_i.sectioncat=IAB1&tg_i.pagecat=IAB1&tg_i.page=https%3A%2F%2Fbewab.co%2F&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=7b8e07c7-9016-4a36-9bbe-203b6d197995&l_pb_bid_id=663e83044f14e1c&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7437652797284768
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5da22baf9aa30bfaf18f88e146e45bbd7dc2162ec1115fffb4e4a2449a79d9c9

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
382
expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
/
ghb2.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.201.34 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
static-34-201-205-209.24shells.net
Software
Adtelligent /
Resource Hash
2de507d08dffeb969d4275afac9419997b0e100fbff0f6c5db252d6313fd7e5f

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://bewab.co
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
831
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbewab.co%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7b8e07c7-9016-4a36-9bbe-203b6d197995&nocache=1692717175301&id5id=0&pubcid=5afaae23-7d3f-4f70-841b-e49e860a3118&schain=1.0%2C1!pixfuture.com%2C7144%2C1%2C%2C%2C&aus=160x600&divids=41551x160x600x7144x_ADSLOT2&aucs=&auid=540580839&tps=bXlrZXl3b3JkPWJld2FiLHdlYixhcnRpY2xlcyxwcm90b2NvbCZteW90aGVya2V5d29yZD1iZXdhYix3ZWIsYXJ0aWNsZXMscHJvdG9jb2w%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
92813fc83e52b2ebc494465b144483d07e7552fc936261292c1ffa977d0118f3

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://bewab.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bewab.co
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bewab.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f36d8a1ccd4d12529a6093aae8ea221dbc113e2e7f0835c871597b451fde5e09

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://bewab.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2280c5613e7760ec4%22%3A%22a80d3fcd27f269e57059%7C160x600%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fbewab.co%2F&s=e149b9c6-0176-4b3f-b9ab-dbe9e2d25ac3&pv=19798ab2-bfb2-4432-bf95-036d21e7b2dc&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22bewab.co%22%2C%22cat%22%3A%5B%22IAB1%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%22%5D%2C%22pagecat%22%3A%5B%22IAB1%22%5D%2C%22page%22%3A%22https%3A%2F%2Fbewab.co%2F%22%2C%22keywords%22%3A%22bewab%2Cweb%2Carticles%2Cprotocol%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%227144%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%225afaae23-7d3f-4f70-841b-e49e860a3118%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225afaae23-7d3f-4f70-841b-e49e860a3118%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=bewab%2Cweb%2Carticles%2Cprotocol&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c1a65c5cc63842478c419d113c2ed49e5605384d1e35b713aad5b797428089f3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://bewab.co
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
782
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 15B3
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
56970f4953389c6f130042268b12e31a344ee3c3aeb26681c0b9a44bf2f07178

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
Tue, 22 Aug 2023 15:12:55 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 22 Aug 2023 15:12:55 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=2016820685738951&eid=31076398%2C31076475%2C31076868%2C31070233%2C44714449&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=330713950%2Cgam-bidding-0.02&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C320x50&ifi=5&didk=3832176550&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Db97fe506617760f8%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MaAyBZemUt06OcBLpgzdcKeT-pENg&cdm=bewab.co&gpic=UID%3D00000c65f80093c4%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MbGbpoODf-7sDtZ8x2hLCGXMf3Kzw&abxe=1&dt=1692717175670&adxs=640&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&vis=1&psz=320x-1&msz=320x-1&fws=512&ohw=0&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvI657qExSABSAghkEhkKCnB1YmNpZC5vcmcYmpG57qExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLyOue6hMUgAUgIIZBIXCghydGJob3VzZRiikbnuoTFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pT0dGcWFFOWxObTlST0U5bk5WcHlWMHB6Y1RaQlFUMDlJbjA9GIyUue6hMUgAEhkKCnVpZGFwaS5jb20YvI657qExSABSAghkEhsKDGlkNS1zeW5jLmNvbRjnkbnuoTFIAFICCGo.&dlt=1692717172024&idt=487&adks=2134909251&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
333d1ecbcaaf920e87b5f740ddc959240e049f681bb7047a2f68f1dc834cff69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 15B3 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D927a4eee13039382
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame 15B3 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D927a4eee13039382%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
prebid
rtb.openx.net/sync/ Frame 15B3 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D927a4eee13039382%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 15B3 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 20 Aug 2028 15:12:55 GMT
um
u-ams03.e-planning.net/ Frame 15B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D927a4eee13039382%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=927a4eee13039382&uid=1767717742930980986
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=927a4eee13039382&uid=1767717742930980986
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
an-x-request-uuid
7d6320f2-4ada-4595-af14-e380b569ca84
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=927a4eee13039382&uid=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 15B3
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D927a4eee13039382%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=927a4eee13039382&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=927a4eee13039382&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=927a4eee13039382&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame 15B3 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D927a4eee13039382%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame 15B3
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=927a4eee13039382
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=927a4eee13039382
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=927a4eee13039382
date
Tue, 22 Aug 2023 15:12:56 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame CECF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:55 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Aug 2023 15:12:55 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A66 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112633
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 37FC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2409b5ebc46d5a20b30aceefd8b635780779251625e58ce4ebbe4087db6806b9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fac0e8caef84516-TXL
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on1ubcbDyumUnr9a98qVzXOtitsEXYLbTcLGqJqkdUscyjvgWJmB4TRokU8Sc7O8ZSWA5Q27egzMgECwzQDGHRQXUUp2a5goTB%2FQ6iMB4C3oWX%2FqkJd8aBNdleImvTm9eIrMIX5S"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame DF45 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 22 Aug 2023 15:12:55 GMT
etag
W/"61ddbb71-5f5"
expires
Thu, 02 Mar 2028 17:17:56 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
91f8376753e6a5144787f3a0dca6e4df
x-cf-tsc
1677950277
x-cf1
29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 1FDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 782E 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c48a7164aecab76b2fb3aade87c4e0579927f3bd11bf943674fc712824b9f8b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7fac0e8cb98a37ca-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 15:12:55 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
usync.js
eus.rubiconproject.com/ Frame CECF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2023 10:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68011
Connection
keep-alive
Content-Length
10116
Expires
Wed, 23 Aug 2023 10:06:26 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A66 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23469522&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
40075559be6a25f91cda363732a2130b3f860bb3cee22dd480e9b16bd30374e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CECF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=LLMG3NL7-N-DMBS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
casale
match.adsrvr.org/track/cmf/ Frame 37FC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 37FC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V35SM2SRZ0AX1SC4GETB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y5ZHJEDR0S4QWYYS3H2P
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 37FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL3NWrfJfwejH7ufjvPoe1o&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL3NWrfJfwejH7ufjvPoe1o&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6E%2BK9WwyVVWFwoLeG1Hg7kUAEBJso7ps35%2FWFaFRsALG9AFue%2BxOOhbZATF7dV6kmQTTAxBt5dZaCQwbunj0NKwIr3p7r%2FcRJY39o9WtnznvUmGILJwYj0VRxWw323at4LXn4QAeYLoLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fac0e8d782e4516-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEL3NWrfJfwejH7ufjvPoe1o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 37FC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1767717742930980986
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1767717742930980986
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
an-x-request-uuid
9ea30a9c-8bdd-4e05-b589-54cd4c1bf3d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 37FC
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 22 Aug 2023 15:12:57 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 37FC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZOTQdwAAAPAj-wBV
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOTQdwAAAPAj-wBV&_test=ZOTQdwAAAPAj-wBV
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOTQdwAAAPAj-wBV&_test=ZOTQdwAAAPAj-wBV
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230098-FRA
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692717176.048279,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZOTQdwAAAPAj-wBV&_test=ZOTQdwAAAPAj-wBV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 37FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5823867715216544255&expiration=1693926776
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5823867715216544255&expiration=1693926776
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5823867715216544255&expiration=1693926776
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame 37FC 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
um
u-ams03.e-planning.net/ Frame 37FC 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=927a4eee13039382&uid=ZOTQdTTaCGWnmtdMMEnXvgAA%261131
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:55 GMT
content-type
image/gif
320x50.png
cdn.pixfuture.com/banners/ Frame 4138 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/banners/320x50.png
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f83d6d161d5d98ac0a6305e882cbf211c330178f30bac4095f967b5475c0e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172669
content-length
20836
last-modified
Tue, 02 Feb 2021 21:40:24 GMT
server
cloudflare
etag
"6019c6c8-5164"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGsEDFVVeFqj%2Fjf5E%2F1c%2B0O%2BlufeotsZdY0TAVdsGO3SCaMAv6skg4dnDww5yGGhrYXiSyxrv1CiiAmkhwRwSwKvcLSW3wmxCRBv6jWdkFDwqPM3VUVvE9qlcFEUv1SfDYi6l2GUbaB8Nsqznc0f"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7fac0e8d2830694b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 21 Aug 2023 16:44:40 GMT
getuid
ib.adnxs.com/ Frame 782E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 782E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=f9af2bef-a57b-498c-b91d-be9cabc6d192&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f9af2bef-a57b-498c-b91d-be9cabc6d192&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8e0b9837ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Tue, 22 Aug 2023 15:12:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=f9af2bef-a57b-498c-b91d-be9cabc6d192&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 782E 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 782E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 782E 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230060-FRA
server
nginx
x-timer
S1692717176.921454,VS0,VE9
x-fastly-to-nlb-rtt
7497
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 782E 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 782E 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 22 Aug 2023 15:12:54 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 782E 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b002:30d4:cd9b:2350:dbd6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a452d295-2545-4f0e-4080-766c2b20dc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a452d295-2545-4f0e-4080-766c2b20dc18&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=47705237612896786474595088793541392144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=47705237612896786474595088793541392144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8efd0237ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v050-0db816301.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
TFqA8EG2RkA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=47705237612896786474595088793541392144&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 782E 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=a452d295-2545-4f0e-4080-766c2b20dc18&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023082217-32235-0.975762001692717175-272a702d339fe825a9fb50514ced0a2a&zdid=533&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023082217-32235-0.975762001692717175-272a702d339fe825a9fb50514ced0a2a&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8e0b9b37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023082217-32235-0.975762001692717175-272a702d339fe825a9fb50514ced0a2a&zdid=533&env=mWeb
Date
Tue, 22 Aug 2023 15:12:55 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7270164908032129181&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7270164908032129181&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8dbb1b37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7270164908032129181&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Date
Tue, 22 Aug 2023 15:12:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 782E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a452d295-2545-4f0e-4080-766c2b20dc18
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a452d295-2545-4f0e-4080-766c2b20dc18
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a452d295-2545-4f0e-4080-766c2b20dc18
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 22 Aug 2023 15:12:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=a452d295-2545-4f0e-4080-766c2b20dc18
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=t0JIisAW0Fw9qmwAIqddSO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=t0JIisAW0Fw9qmwAIqddSO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8e8c4c37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 15:12:56 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=t0JIisAW0Fw9qmwAIqddSO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 782E 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a452d295-2545-4f0e-4080-766c2b20dc18&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a452d295-2545-4f0e-4080-766c2b20dc18?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8d7abd37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
cache-control
no-cache
x-server
10.45.26.58
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-HfKCzbtE2oqL0CwqGcYxnqCNXuv.OCIE1w--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-HfKCzbtE2oqL0CwqGcYxnqCNXuv.OCIE1w--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8ecca937ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-HfKCzbtE2oqL0CwqGcYxnqCNXuv.OCIE1w--~A&zpartnerid=570&env=mWeb
date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7YguWSdCLVzVJrxztOcwz5H3TTfq5okp%2BS41iYitP1U%3D
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7YguWSdCLVzVJrxztOcwz5H3TTfq5okp%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8d6aad37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=7YguWSdCLVzVJrxztOcwz5H3TTfq5okp%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 782E 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 782E 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.132.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-132-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1692717176
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 782E 		95 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
date
Tue, 22 Aug 2023 15:12:47 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZOTQdwAAAPAj-wBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-243...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZOTQdwAAAPAj-wBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8f1d3e37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230098-FRA
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1692717176.068052,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZOTQdwAAAPAj-wBV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 782E
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b...
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.249.132.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-132-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1692717176
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
date
Tue, 22 Aug 2023 15:12:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 782E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-408...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-408...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WANZ3KKDX8X09Z5TJPKW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2WNQ07NNAE3PCJ5ZPMAE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a452d295-2545-4f0e-4080-766c2b20dc18&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 782E 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e903ed337ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
date
Tue, 22 Aug 2023 15:12:56 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 782E
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20...
  • https://mwzeom.zeotap.com/mw?cid=LLMG3NL7-N-DMBS&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LLMG3NL7-N-DMBS&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8f9df837ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LLMG3NL7-N-DMBS&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 782E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da452d295-2545-4f0e-4080-766c2b20dc18%26reqId%3Dc39eae67-ec26-47a5-792e-2433cf2b8dac%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 782E 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8f1d4c37ca-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 782E 		557 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982556d28de29665e38b1d8730e9fe7a36726146f333521f1e5088f722f30696
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e8d3a5e37ca-FRA
access-control-allow-headers
*
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 15B3 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 b2bc712713f500af8be071fa65fa924c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
13065
x-amz-server-side-encryption
AES256
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HyWb3LzYgJLDHQYf4mqZwcPPCVgOzR9r1i1w7pXN_i1p0s6hAU0Exg==
csi
csi.gstatic.com/ Frame 355A 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~llmg3n4x&c=2824008421721&slotId=1412004210860.5&qqid=CMmG6O7G8IADFYaodwodgBkCgQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=835&mt=video%2Fmp4&vs=640x360&dm=21000&met.4=vfl.t2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15581
rtb.gumgum.com/usync/ Frame E1C4 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.201.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-201-40.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a11812e6464df5f4feb872949d4c5f8c4a62f93c5060f4ed5f3cc4e9c93bc28e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 22 Aug 2023 15:12:55 GMT
etag
W/"08f6fde2affdd38ed6fea0cd76cb4abb9"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame DC14 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:55 GMT
setuid
prebidserver.pixfuture.com/ Frame CCCC 		0
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AM20AgHu8EED3r%2fp
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
0
pragma
no-cache
vary
Origin
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CC4E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
Tue, 22 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
770165
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame C7DB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EGYY0DDGHGGY6D38CXX8

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YAP986W3Q6ANSKF1DKP4
Pug
image2.pubmatic.com/AdServer/ Frame 6306
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 30A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1767717742930980986&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1767717742930980986&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d78d5a34-e9d7-490e-8da3-3bd710bb8686
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1767717742930980986&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
sync
sync.srv.stackadapt.com/ Frame 62AA 		0
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 02ED
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270164908032129181&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270164908032129181&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 22 Aug 2023 15:12:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7270164908032129181&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 11B7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOTQeAAKgvf2ywAN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1692717176.128303,VS0,VE88

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZOTQeAAKgvf2ywAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1692717176.994134,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame 37B7
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame FB32
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd49150529e0e422c85fa709748dcc170&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd49150529e0e422c85fa709748dcc170&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPUd49150529e0e422c85fa709748dcc170&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 8239
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDd1lrN0p5YUVBQUNVclliUXY0UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACwYk7JyaEAACUrYbQv4Q&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2586407152700043406&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AACwYk7JyaEAACUrYbQv4Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2586407152700043406%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2586407152700043406&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACwYk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACwYk7JyaEAACUrYbQv4Q&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACwYk7JyaEAACUrYbQv4Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACwYk7JyaEAACUrYbQv4Q&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame FC4E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826653479319
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826653479319
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 22 Aug 2023 15:12:56 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826653479319
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
bridge
cm.adgrx.com/ Frame 4FF3 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame F560
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=193533971124354479
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=193533971124354479
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=193533971124354479
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cookiesync
core.iprom.net/ Frame 68ED 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-dbdbc0b9a11d@version_1.566
X-core-time
0ms
X-server-arch
v2
cm
ipac.ctnsnet.com/int/ Frame 05C7 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 582C
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 86A3
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qad0xifweuyi
42 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qad0xifweuyi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qad0xifweuyi
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 3C7A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a1e61fe02083932c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgbnUbMnaXaSYRYXj&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgbnUbMnaXaSYRYXj&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=HHt10NrrgbnUbMnaXaSYRYXj&gdpr=0&gdpr_consent=
um
u-ams03.e-planning.net/ Frame 758C 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=927a4eee13039382&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Tue, 22 Aug 2023 15:12:56 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=epVfa4AiSl2l1brpC-4JiA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=112632
accept-ranges
bytes
content-length
5606
expires
Wed, 23 Aug 2023 22:30:08 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 9A66 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.247
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 9A66
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=650533134
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
via
1.1 google
last-modified
Tue, 22 Aug 2023 15:12:56 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
date
Tue, 22 Aug 2023 15:12:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 9A66
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzhoN21FcGYzcmdUYlctcUZEbFc0UVJvdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7878324549133378996&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
52.72.179.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-179-138.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:57 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0E5NTVGNkItODAyMi00QTVELUE1RDUtQkFFOTBCRUUwOTg4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsfMNcbw3blq449yfwbz-U&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsfMNcbw3blq449yfwbz-U&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENsfMNcbw3blq449yfwbz-U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9A66 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 21 Aug 2023 15:12:56 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9A66 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7878324549133378996
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7878324549133378996
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7878324549133378996
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9A66 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7A955F6B-8022-4A5D-A5D5-BAE90BEE0988?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5341:747:cc9:c512 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 9A66 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_adc113d2-992c-4657-94d4-661d9700fa2b&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=0&gdpr_consent=&gdpr_pd=
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9A66 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8800757208030716490&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8800757208030716490&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8800757208030716490&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8c216082-6b04-48d2-8259-03f36fd72627&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8c216082-6b04-48d2-8259-03f36fd72627&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8c216082-6b04-48d2-8259-03f36fd72627&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9A66 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/ Frame E1C4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
an-x-request-uuid
260e51d5-1d41-41f8-b15e-5b1564f05106
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame E1C4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7878324549133378996&ssp=gumgum2
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=7878324549133378996&ssp=gumgum2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Server
35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=7878324549133378996&ssp=gumgum2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
syncPlatform
sync.outbrain.com/ Frame E1C4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&obuid=ENC(MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
no-cache
X-TraceId
dd1706022f6e4557f3b6298be5ea6357
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Tue, 22 Aug 2023 15:12:56 GMT
X-TraceId
0562385c18afab87002260e5875c182b
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame E1C4 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame E1C4 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame E1C4 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5341:747:cc9:c512 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame E1C4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
Date
Tue, 22 Aug 2023 15:12:56 GMT
Connection
keep-alive
X-CI-RTID
55fe5893-d0b2-42bc-b978-2cebce079faf
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame E1C4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame E1C4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
server_match
ad.360yield.com/ Frame E1C4 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.253.249.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-249-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame E1C4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=05fm1GB4BkLk&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=05fm1GB4BkLk&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=05fm1GB4BkLk&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame E1C4 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:55 GMT
content-length
0
um
sync.e-planning.net/ Frame E1C4 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=927a4eee13039382&uid=e_d158073e-b266-4791-a7f9-e635cfae1bd2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame C1F1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN
  • https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgtz25wAN&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgtz25wAN&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgtz25wAN&gdpr=&gdpr_consent=&_test=ZOTQeAAKgtz25wAN
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1692717176.154472,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame ACFC 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMTU4MDczZS1iMjY2LTQ3OTEtYTdmOS1lNjM1Y2ZhZTFiZDI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B78B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5292 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 0F2A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZOTQeMCo5ugAADCN1sgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZOTQeMCo5ugAADCN1sgAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Aug 2023 15:12:56 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZOTQeMCo5ugAADCN1sgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad418.dc4p.scaleout.jp
X-SO-IP
217.114.218.27
X-SO-Key
ZOTQeMCo5ugAADCN1sgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZOTQeMCo5ugAADCN1sgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad418"}
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad418
gumgum
cs.admanmedia.com/sync/ Frame F4B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 22 Aug 2023 15:12:59 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame B04F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 4FBB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ads
securepubads.g.doubleclick.net/gampad/ 		383 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=2359656191449386&eid=31076398%2C31076475%2C31076868%2C31070233%2C44714449&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=330713950%2Cgam-bidding-0.02&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=6&didk=2067103960&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Db97fe506617760f8%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MaAyBZemUt06OcBLpgzdcKeT-pENg&cdm=bewab.co&gpic=UID%3D00000c65f80093c4%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MbGbpoODf-7sDtZ8x2hLCGXMf3Kzw&abxe=1&dt=1692717176037&adxs=1340&adys=45&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvI657qExSABSAghkEhkKCnB1YmNpZC5vcmcYmpG57qExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLyOue6hMUgAUgIIZBIXCghydGJob3VzZRiikbnuoTFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pT0dGcWFFOWxObTlST0U5bk5WcHlWMHB6Y1RaQlFUMDlJbjA9GIyUue6hMUgAEhkKCnVpZGFwaS5jb20YvI657qExSABSAghkEhsKDGlkNS1zeW5jLmNvbRjnkbnuoTFIAFICCGo.&dlt=1692717172024&idt=487&adks=3162410085&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54f478b2b3d77c417340324cf823f478d0d79a152480cb59ed6e3c9c29149f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		383 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284829471672563&correlator=3941963783354385&eid=31076398%2C31076475%2C31076868%2C31070233%2C44714449&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fif&iu_parts=330713950%2Cgam-bidding-0.02&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600&ifi=7&didk=1093829743&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Db97fe506617760f8%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MaAyBZemUt06OcBLpgzdcKeT-pENg&cdm=bewab.co&gpic=UID%3D00000c65f80093c4%3AT%3D1692717172%3ART%3D1692717172%3AS%3DALNI_MbGbpoODf-7sDtZ8x2hLCGXMf3Kzw&abxe=1&dt=1692717176069&adxs=100&adys=45&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=bewab.co&loc=https%3A%2F%2Fbewab.co%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=1245587961.1692717172&ga_sid=1692717173&ga_hid=492375642&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvI657qExSABSAghkEhkKCnB1YmNpZC5vcmcYmpG57qExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLyOue6hMUgAUgIIZBIXCghydGJob3VzZRiikbnuoTFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pT0dGcWFFOWxObTlST0U5bk5WcHlWMHB6Y1RaQlFUMDlJbjA9GIyUue6hMUgAEhkKCnVpZGFwaS5jb20YvI657qExSABSAghkEhsKDGlkNS1zeW5jLmNvbRjnkbnuoTFIAFICCGo.&dlt=1692717172024&idt=487&adks=928794417&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43c53bf02a155e3bee7d97c88d2566d03dea26793bb52916aa1effd4452305b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bewab.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4FBB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2023 10:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68010
Connection
keep-alive
Content-Length
10116
Expires
Wed, 23 Aug 2023 10:06:26 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 4FBB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLMG3NL7-N-DMBS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
160x600.png
cdn.pixfuture.com/banners/ Frame 8EDC 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/banners/160x600.png
Requested by
Host: bewab.co
URL: https://bewab.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68cca8c9a9d2153a2d3d47603fe6496af1f3a51818fae1bc8014fe86896fac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
100906
content-length
37383
last-modified
Wed, 03 Feb 2021 20:43:28 GMT
server
cloudflare
etag
"601b0af0-9207"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec8wapf0%2FduaxDQV%2F66QP3PgQiS6KNjh0GX%2Fcf%2Bmc3n1bcGK120q6SdVxPv%2BG94Ed9%2F0SxYlDqeC4W62mg6o2%2FqKZmGubUIQUPCZpyA0z0VUYUKOdedXwG%2BOiSyz3g7kc9S8M0ktnHtPuadEPOC6"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7fac0e8f2ac4694b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 21 Aug 2023 18:39:56 GMT
160x600.png
cdn.pixfuture.com/banners/ Frame 0BA2 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/banners/160x600.png
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68cca8c9a9d2153a2d3d47603fe6496af1f3a51818fae1bc8014fe86896fac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
100906
content-length
37383
last-modified
Wed, 03 Feb 2021 20:43:28 GMT
server
cloudflare
etag
"601b0af0-9207"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcunWbmrTo9FOZkUkCzpz1GkSpkjs%2FMqcaa4Q7ywsyAZ38%2BGov9Mxy8YR682Nk4SYgaTniDdZobC0e3seo%2BLlOneqGapEzj3cnWWaGM6yuN%2BJr5sPzuFBxFlVxd5L7EbhRxnIAi6fFyBy9kHNrHS"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7fac0e8f3acd694b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 21 Aug 2023 18:39:56 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
setuid
prebidserver.pixfuture.com/ Frame 2280
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

cache-control
no-store
content-length
0
location
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E328 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame CE0C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3d08dbba3d454afd4f0542b16c24984a939f64bc49cee43a9b793a5e68b0ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=153290
content-encoding
gzip
content-length
8008
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 24 Aug 2023 09:47:46 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 294D 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 4450 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3d08dbba3d454afd4f0542b16c24984a939f64bc49cee43a9b793a5e68b0ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=153290
content-encoding
gzip
content-length
8008
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 24 Aug 2023 09:47:46 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 3D85 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 885F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame B230 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
7a8c5e6235454edfd93da7f240d42634cc3d6d6394158c691a6ddc060222174f

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Tue, 22 Aug 2023 15:12:56 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
sync.html
s.console.adtarget.com.tr/ Frame 4F37 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:262:3e0c::2 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://bewab.co
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
884
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 35EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=1767717742930980986
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=1767717742930980986
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Etag
297d6e61c8bd7af7
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
6e5009af-41ee-4bad-93c4-f3407ce184ef
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=1767717742930980986
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
checksync.php
contextual.media.net/ Frame DB55 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3d08dbba3d454afd4f0542b16c24984a939f64bc49cee43a9b793a5e68b0ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=153290
content-encoding
gzip
content-length
8008
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 24 Aug 2023 09:47:46 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 267C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
s.adtelligent.com/ Frame 5802 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.226 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://bewab.co
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
874
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
pd
u.openx.net/w/1.0/ Frame 09EC 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csync
sync.adtelligent.com/ Frame F207
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Etag
297d6e61c8bd7af7
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 11FA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
d
ic.tynt.com/r/ Frame 99B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Tue, 22 Aug 2023 15:12:57 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
onetag-sys.com/usync/ Frame 4261 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 25C0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://bewab.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Tue, 22 Aug 2023 15:12:56 GMT
server
Apache-Coyote/1.1
content-length
0
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MWZlM2YxNzktNmY1OS00ZGJmLWIwNDMtZDVkMTcxMGFlODU1
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=a8bdf272-b402-4048-b7ac-88170109231c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1767717742930980986
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1767717742930980986
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
an-x-request-uuid
860e6d93-d1f3-449c-aab5-fda9677037ba
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=87880&dpuuid=a8bdf272-b402-4048-b7ac-88170109231c
dpm.demdex.net/ 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=a8bdf272-b402-4048-b7ac-88170109231c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.6.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-6-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-080b06e04.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4ki3mxjOT6g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YThiZGYyNzItYjQwMi00MDQ4LWI3YWMtODgxNzAxMDkyMzFj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=c1057d6c-25d9-48a7-9e61-87193fbeb6b9
49 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=c1057d6c-25d9-48a7-9e61-87193fbeb6b9
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=c1057d6c-25d9-48a7-9e61-87193fbeb6b9
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
getuid
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ibs:dpid=87880&dpuuid=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
dpm.demdex.net/ 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.6.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-6-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-04d7ad54c.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qpYUY97xQU8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
user-sync
sync.adkernel.com/ 		0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
0
30907
tags.bluekai.com/site/ 		62 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=1fe3f179-6f59-4dbf-b043-d5d1710ae855
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
62
content-type
image/gif
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=1fe3f179-6f59-4dbf-b043-d5d1710ae855&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QWRndXM2SDhSbkplSzlpNmE5aHRrUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usg.gif
sync.go.sonobi.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZmZjMzU4NDQtOTUxNS00ODljLWJmZDQtZjFiN2QwZGZkMzRl
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEDM3OzLOiGf1J8wgMDmNvQg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=1fe3f179-6f59-4dbf-b043-d5d1710ae855&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=c14fbc91-daf7-4f3c-8ea3-1a2162675f1a
49 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=c14fbc91-daf7-4f3c-8ea3-1a2162675f1a
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=c14fbc91-daf7-4f3c-8ea3-1a2162675f1a
date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
usersync
match.bnmla.com/ 		0
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&google_hm=MWYxYjFjN2MtNjJmNS00YTRhLWExM2MtNDk5ZjNiNWYxN2Ew
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEISxpNOTbpcYj5PfSNa8ZWo&google_cver=1&ssp=sonobi&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEISxpNOTbpcYj5PfSNa8ZWo&google_cver=1&ssp=sonobi&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
Protocol
H2
Server
35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEISxpNOTbpcYj5PfSNa8ZWo&google_cver=1&ssp=sonobi&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=87880&dpuuid=1fe3f179-6f59-4dbf-b043-d5d1710ae855
dpm.demdex.net/ 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=1fe3f179-6f59-4dbf-b043-d5d1710ae855
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.6.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-6-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0b10595a9.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vVg6X5V8SZ8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
30907
tags.bluekai.com/site/ 		62 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IN3y0qPESdOIdb6gFtlf&pi=sonobi
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IN3y0qPESdOIdb6gFtlf&pi=sonobi
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IN3y0qPESdOIdb6gFtlf&pi=sonobi
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT, Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210826653479319
49 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210826653479319
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210826653479319
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ID1=a8bdf272-b402-4048-b7ac-88170109231c
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=a8bdf272-b402-4048-b7ac-88170109231c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
all
ssl-market-east.smrtb.com/sync/ 		0
0
7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 		47 B
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JNSCGVWNETEBVJBA1EB3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
47
occ
ups.analytics.yahoo.com/ups/58645/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58645/occ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ID1=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
match
e.serverbid.com/udb/9969/ 		35 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:57 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://bewab.co
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58
30907
tags.bluekai.com/site/ 		62 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=a8bdf272-b402-4048-b7ac-88170109231c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
62
content-type
image/gif
cm
us-u.openx.net/w/1.0/ 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=ffc35844-9515-489c-bfd4-f1b7d0dfd34e&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=b2224809-68ef-40a0-8d1e-0134f57dc857
49 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=b2224809-68ef-40a0-8d1e-0134f57dc857
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=b2224809-68ef-40a0-8d1e-0134f57dc857
date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ffc35844-9515-489c-bfd4-f1b7d0dfd34e&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=QlBvZ2xSMjdVT2VpZmM0MEJZUEEyQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOg1yKJZT9SOxd_pDVccoM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=1fe3f179-6f59-4dbf-b043-d5d1710ae855
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ID1=1fe3f179-6f59-4dbf-b043-d5d1710ae855
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=1fe3f179-6f59-4dbf-b043-d5d1710ae855
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
setuid
prebidserver.pixfuture.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
86 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
Protocol
HTTP/1.1
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bewab.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usync.js
eus.rubiconproject.com/ Frame 885F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2023 10:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68010
Connection
keep-alive
Content-Length
10116
Expires
Wed, 23 Aug 2023 10:06:26 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame B230 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D61085dcf412aa42c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:55 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame B230 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D61085dcf412aa42c%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
prebid
rtb.openx.net/sync/ Frame B230 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D61085dcf412aa42c%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame B230 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 20 Aug 2028 15:12:56 GMT
um
u-ams03.e-planning.net/ Frame B230
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D61085dcf412aa42c%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=61085dcf412aa42c&uid=1767717742930980986
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=61085dcf412aa42c&uid=1767717742930980986
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
an-x-request-uuid
8fe46b02-5833-4a97-b257-cdc0ef330bf9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=61085dcf412aa42c&uid=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame B230
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D61085dcf412aa42c%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=61085dcf412aa42c&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=61085dcf412aa42c&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=61085dcf412aa42c&uid=ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame B230 		0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D61085dcf412aa42c%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-78
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame B230
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=csuid_40d96481-2f8c-4952-b87e-2b57a03be6f5&dc=b337141cfdc8cf59&fi=61085dcf412aa42c
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=csuid_40d96481-2f8c-4952-b87e-2b57a03be6f5&dc=b337141cfdc8cf59&fi=61085dcf412aa42c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=csuid_40d96481-2f8c-4952-b87e-2b57a03be6f5&dc=b337141cfdc8cf59&fi=61085dcf412aa42c
date
Tue, 22 Aug 2023 15:12:56 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame FC03
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D72 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D61085dcf412aa42c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame E37B 		2 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f9aa421701f26668b080f4d4e714ad8171f52ae6440b8d784e59c2fd69791d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fac0e92e9704516-TXL
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN26k18JqunoUDX5MnR0BJCQt4tXvkEYX0EqMMuBBBEitmsYs%2FjtbR7XYMFrwCIAUf3SGx3CTRujqVRBEeLPU%2Fb%2FR7a%2Fsh7HY6xs08%2BFJpMOw0xn7IAILWXxwifoPD%2Fh9oyIjCDR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 456F 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
etag
W/"61ddbb71-5f5"
expires
Thu, 02 Mar 2028 17:17:56 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
9a4ddd7b6d12ab343607b25a73f08f1d
x-cf-tsc
1677950277
x-cf1
29080:fJ.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 8BF8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame FEA5 		760 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57b741c07b1df2e463a50420994f94c3e54cb915e915ba74f7a761e74fff63c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7fac0e937be237ca-FRA
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame B230 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 b2bc712713f500af8be071fa65fa924c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
13066
x-amz-server-side-encryption
AES256
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fHZUA0lcZy1XD1sEc8H2frTQab4b5e3Ut2bwnDAdURMCaljcyHkOOA==
usync.js
eus.rubiconproject.com/ Frame FC03 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2023 10:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68010
Connection
keep-alive
Content-Length
10116
Expires
Wed, 23 Aug 2023 10:06:26 GMT
15581
rtb.gumgum.com/usync/ Frame ADE9 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.201.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-201-40.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bc7852c01a176a13e3ec246f4dee078559e88116154700069f88e0f6a6569046

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 22 Aug 2023 15:12:56 GMT
etag
W/"0e3010aacfb8d71b5e2856b882bc1fc11"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame A48E 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:56 GMT
csync
sync.adtelligent.com/ Frame 9330 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AM20AgHu8EED3r%2fp
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Etag
9f310746d7a6ab44
Server
Adtelligent
ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E37B 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5341:747:cc9:c512 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
user-registering
ads.stickyadstv.com/ Frame E37B 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZOTQdTTaCGWnmtdMMEnXvgAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1692717176939053-545
Expires
Tue, 22 Aug 2023 15:12:56 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame E37B 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.223.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-223-84.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E37B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8800757208030716490
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8800757208030716490
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8800757208030716490
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E37B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=o7S1y7p01Qyt3W5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=o7S1y7p01Qyt3W5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=o7S1y7p01Qyt3W5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E37B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
CookieIndex
rtb.adentifi.com/ Frame E37B 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.156.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-156-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:57 GMT
rum
dsum-sec.casalemedia.com/ Frame E37B
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZOTQdTTaCGWnmtdMMEnXvgAA%261131&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b1f2e529-1e9b-4059-ba91-a7d179314031-tuctbde55f9
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b1f2e529-1e9b-4059-ba91-a7d179314031-tuctbde55f9
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b1f2e529-1e9b-4059-ba91-a7d179314031-tuctbde55f9
date
Tue, 22 Aug 2023 15:12:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24137
um
u-ams03.e-planning.net/ Frame E37B 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=61085dcf412aa42c&uid=ZOTQdTTaCGWnmtdMMEnXvgAA%261131
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame ADE9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
an-x-request-uuid
37296b93-0ce7-48fa-92d5-6731d0e994c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame ADE9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Server
35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
date
Tue, 22 Aug 2023 15:12:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncPlatform
sync.outbrain.com/ Frame ADE9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&obuid=ENC(MuXXFpbz5gsoTqihwDwKt-5LlS77vvzwlCP1q67Pv_-gzNKGUtsJ-uNlh4yPh3FS)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:57 GMT
Cache-Control
no-cache
X-TraceId
4dec948ab637505f0229a84cf06cf55c
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Tue, 22 Aug 2023 15:12:57 GMT
X-TraceId
197f7cfeccd2f9bab7b63611aac57125
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame ADE9 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame ADE9 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-198.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame ADE9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3EWVyF5E2pcEVmghLGz8V1.opOdKxMccEPPM~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3EWVyF5E2pcEVmghLGz8V1.opOdKxMccEPPM~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 22 Aug 2023 15:12:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3EWVyF5E2pcEVmghLGz8V1.opOdKxMccEPPM~A
content-length
0
usersync
usersync.gumgum.com/ Frame ADE9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b71c1241-8923-43d2-83f2-50c0cc3321ae
Date
Tue, 22 Aug 2023 15:12:56 GMT
Connection
keep-alive
X-CI-RTID
c7f94303-aac0-41d1-8719-cadd512cace4
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame ADE9 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame ADE9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
server_match
ad.360yield.com/ Frame ADE9 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.253.249.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-249-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame ADE9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=91U4zdqnF3dA&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=91U4zdqnF3dA&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Aug 2023 15:12:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=91U4zdqnF3dA&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-fh96x
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame ADE9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.171 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
content-length
0
um
sync.e-planning.net/ Frame ADE9 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=61085dcf412aa42c&uid=e_d158073e-b266-4791-a7f9-e635cfae1bd2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Tue, 22 Aug 2023 15:12:56 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 2E25
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgvf2ywAN&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgvf2ywAN&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZOTQeAAKgvf2ywAN&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1692717177.913405,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame BA31 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMTU4MDczZS1iMjY2LTQ3OTEtYTdmOS1lNjM1Y2ZhZTFiZDI=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5142 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112632
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:56 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 572A 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 342B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZOTQecCo5ugAADCN1s4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZOTQecCo5ugAADCN1s4AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:57 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Aug 2023 15:12:57 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZOTQecCo5ugAADCN1s4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40147.dc2p.scaleout.jp
X-SO-IP
217.114.218.27
X-SO-Key
ZOTQecCo5ugAADCN1s4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZOTQecCo5ugAADCN1s4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40147"}
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40147
gumgum
cs.admanmedia.com/sync/ Frame E120 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_d158073e-b266-4791-a7f9-e635cfae1bd2&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 22 Aug 2023 15:12:59 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame 2FED
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=IN3y0qPESdOIdb6gFtlf&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame D7EF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Aug 2023 15:12:56 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
csync
sync.console.adtarget.com.tr/ Frame 6C98
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=IN3y0qPESdOIdb6gFtlf&pi=admatic
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=IN3y0qPESdOIdb6gFtlf&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Etag
4af7eeb42ca61827
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 22 Aug 2023 15:12:56 GMT Tue, 22 Aug 2023 15:12:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=IN3y0qPESdOIdb6gFtlf&pi=admatic
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame E5FE
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gp...
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:56 GMT
Etag
4af7eeb42ca61827
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 22 Aug 2023 15:12:56 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=749789&extuid=7878324549133378996&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
server
nginx
csync
sync.adtelligent.com/ Frame 4F37
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4af7eeb42ca61827
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4af7eeb42ca61827
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Adtelligent
Etag
9f310746d7a6ab44
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=4af7eeb42ca61827
Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Adtelligent
Etag
4af7eeb42ca61827
Content-Length
0
mw
mwzeom.zeotap.com/ Frame FEA5
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da45...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e942ccf37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361
date
Tue, 22 Aug 2023 15:12:56 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame FEA5 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e93dc6237ca-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame FEA5 		557 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9657d5263e5e96c86cad1555efef026b635b6acba0ca99af4df82637cf875df8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7fac0e93dc6437ca-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame D7EF 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Aug 2023 10:07:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68010
Connection
keep-alive
Content-Length
10116
Expires
Wed, 23 Aug 2023 10:06:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiMjdwVxzJuAZ-K5d5pi-SJrJ3K26u5_yNvotwwWxB3z6gF1JUHuI0XHbqaAbR3IV1sINhrarhf90j0nJsvG5pyPZ7VkxmoT5p1l6sXAiH_6gh3r9j6yT8QvkA7mFVbRV6ye3KLMNkXjNx&sai=AMfl-YQZsDLnv2WgYDiqardBnr4EGWbGXqLdpJ_sv9_XkeN5demLopIuAvBE9tQy4sJHIqgZjymevNF8Fr_IHKBeNAjYOX49yYBF1mMlPVKbcJK8oNLicD7EYNXvk8x0&sig=Cg0ArKJSzHL9Kli81dT0EAE&cid=CAQSPABpAlJWcRGdfygmSoqPrjWiCPqUFCJSnXMUOYMQaLwr8Bsj7rjDCtnsLQMvByUFj-6Q_aOeqpAVEQ9JIRgB&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,2032,0,0,0%26mtos%3D0,2032,2032,2032,2032%26amtos%3D0,0,0,0,0%26mcvt%3D2032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2198%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D206%26dur%3D21418%26vmtime%3D2206%26dtos%3D2032%26dtoss%3D1%26dvs%3D2032%26dfvs%3D0%26dvpt%3D2198%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33554707%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2032&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0533 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112631
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 22 Aug 2023 15:12:57 GMT
expires
Wed, 23 Aug 2023 22:30:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 244A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 5802 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 15:12:56 GMT
Server
Adtelligent
Etag
9f310746d7a6ab44
Content-Length
43
Content-Type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 9A66 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
track1.aniview.com/ Frame D0ED 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bewab.co&rs=bewab.co&sid=41308&t=1692717173&cip=217.114.218.27&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=63d78a95feee817a470cff47&test=&d64=1da46d0db7759b029a4c27c13312f786&d63=1da46d0db7759b029a4c27c13312f786&aafaid=&proto=https&uid=1692717173004-960420603629-001257-006-009793&cha=0.7&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&d35=&d36=6.2.121&cb=26300347739&d39=&d65=&d66=8.3.16&d74=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.16&d74=&stagid=63f464f674272ad1280cc8a5&stplid=63dccc3f6eb8444ea80a5d1a&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63d78a95feee817a470cff47
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.13.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-13-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bewab.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Aug 2023 15:12:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A66 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=969837&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
16168cc67a258c6283baff719456183df2406d5e0459d026b9c437d88cc6c1a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 22 Aug 2023 15:12:57 GMT
content-length
1570
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 33FE 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 22 Aug 2023 15:12:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame BB15
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7fac0ea328991c13-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7fac0ea1bdf51c13-FRA
content-type
text/html
date
Tue, 22 Aug 2023 15:12:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
194
pub
matching.truffle.bid/sync/ Frame 4D5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 22 Aug 2023 15:12:59 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 67AD
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6AAA59147444CFD9538627625B7FAC6&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6AAA59147444CFD9538627625B7FAC6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 15:12:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 22 Aug 2023 15:12:58 GMT
expires
Mon, 21 Aug 2023 15:12:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A6AAA59147444CFD9538627625B7FAC6&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame A794
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1692717179171
  • https://ad.turn.com/r/cs?pid=45&rndcb=5206122994
  • https://sync.1rx.io/usersync/turn/8800757208030716490?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-14833bb0-634b-42d3-a806-e15b67f31889-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-14833bb0-634b-42d3-a806-e15b67f31889-003
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-14833bb0-634b-42d3-a806-e15b67f31889-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 22 Aug 2023 15:12:59 GMT
etag
RX14833bb0634b42d3a806e15b67f31889003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-14833bb0-634b-42d3-a806-e15b67f31889-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
um
u-ams03.e-planning.net/ Frame 9C57 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=927a4eee13039382&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Tue, 22 Aug 2023 15:12:58 GMT
server
openresty
mw
mwzeom.zeotap.com/ Frame 9A66 		95 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:12:59 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7fac0ea098f837ca-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 9A66
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:10 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:09 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9A66
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e2d280a150659a4f04621579ea204b5f&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Aug 2023 15:12:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9A66
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1767717742930980986
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1767717742930980986
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Aug 2023 15:12:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:59 GMT
an-x-request-uuid
02ce04b3-5bf7-425e-af33-26740dfa668d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1767717742930980986
x-proxy-origin
217.114.218.27; 217.114.218.27; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B78B 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38389764&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 22 Aug 2023 15:12:59 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame FC04 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:59 GMT
Expires
0
Pragma
no-cache
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame D8AC 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:11:01 GMT
x-content-type-options
nosniff
age
118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 15:26:01 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame D8AC 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:10:07 GMT
x-content-type-options
nosniff
age
172
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 15:25:07 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame D8AC 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 14:26:44 GMT
cta-small.svg
s0.2mdn.net/4528404/1687523402213/ Frame D8AC 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687523402213/cta-small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Aug 2023 14:26:44 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame D8AC 		2 KB
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7108004604515456896/index.html?e=69&leftOffset=0&topOffset=0&c=ZUF3izDyer&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 20:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 20:24:57 GMT
dc_oe=ChMI5KLO7sbwgAMVVt0RCB3HcAbLEAAYACDwwe5cQhMIhNSt7sbwgAMVTYiDBx05oQ-3;stragg=1;&timestamp=1692717179224;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 5A34 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5KLO7sbwgAMVVt0RCB3HcAbLEAAYACDwwe5cQhMIhNSt7sbwgAMVTYiDBx05oQ-3;stragg=1;&timestamp=1692717179224;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame B230 		155 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 11:35:11 GMT
via
1.1 e7150584c93f85e64aa53364c55a16c6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
13069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
gcVdKsK1b8P1FuXOcZh3RFI73hgrWrETHqopxoh6r9u9HoHxFUZrgQ==
csync
sync.adtelligent.com/ Frame 0EFE 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:58 GMT
Etag
9f310746d7a6ab44
Server
Adtelligent
data
bcp.crwdcntrl.net/6/ Frame B230 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d5b616aa4a87fad2c09898d6dfe9ffae5ceff31e2c25d93c7c3ea319d049cbfe

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.7.124
access-control-allow-credentials
true
content-length
60
expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 15B3 		155 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Aug 2023 11:35:11 GMT
via
1.1 e7150584c93f85e64aa53364c55a16c6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
13069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
mYcEzPxaCJ6Kj755AuXi12Rldu4XTx6PDUIRSOvNxc22ty-UOpORCQ==
um
u-ams03.e-planning.net/ Frame 0D01 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=61085dcf412aa42c&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Tue, 22 Aug 2023 15:12:59 GMT
server
openresty
data
bcp.crwdcntrl.net/6/ Frame 15B3 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e056d17bdecba103c1979966bd3de66946d555837c85e100e4a561716da691cd

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:12:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.16.247
access-control-allow-credentials
true
content-length
60
expires
0
csync
sync.adtelligent.com/ Frame 5FFE 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:59 GMT
Etag
9f310746d7a6ab44
Server
Adtelligent
usersync
usersync.gumgum.com/ Frame 6096 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:59 GMT
Expires
0
Pragma
no-cache
um
u-ams03.e-planning.net/ Frame 4185 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=61085dcf412aa42c&uid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D61085dcf412aa42c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Tue, 22 Aug 2023 15:12:59 GMT
server
openresty
usersync
usersync.gumgum.com/ Frame 5444 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:13:00 GMT
Expires
0
Pragma
no-cache
dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,5095,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 355A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,5095,0,0,0%26mtos%3D0,5095,5095,5095,5095%26amtos%3D0,0,0,0,0%26mcvt%3D5095%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5261%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D206%26dur%3D21418%26vmtime%3D5271%26dtos%3D3063%26dtoss%3D2%26dvs%3D3063%26dfvs%3D0%26dvpt%3D3063%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D33554707%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,5095,5095,5095,5095%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D63%26psv%3D62%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5095;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE&sigh=hYwKDNnyrJA&label=videoplaytime25&ad_mt=5271&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,5095,0,0,0%26mtos%3D0,5095,5095,5095,5095%26amtos%3D0,0,0,0,0%26mcvt%3D5095%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5261%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D206%26dur%3D21418%26vmtime%3D5271%26dtos%3D3063%26dtoss%3D2%26dvs%3D3063%26dfvs%3D0%26dvpt%3D3063%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D33554707%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,5095,5095,5095,5095%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D63%26psv%3D62%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5095&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.adtelligent.com/ Frame F70D 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:59 GMT
Etag
9f310746d7a6ab44
Server
Adtelligent
csync
sync.adtelligent.com/ Frame BD14 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:12:59 GMT
Etag
9f310746d7a6ab44
Server
Adtelligent
SPug
simage4.pubmatic.com/AdServer/ Frame 9A66 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D927a4eee13039382%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 15:13:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 2897 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Aug 2023 15:13:02 GMT
Expires
0
Pragma
no-cache
dc_oe=ChMI5KLO7sbwgAMVVt0RCB3HcAbLEAAYACDwwe5cQhMIhNSt7sbwgAMVTYiDBx05oQ-3;met=1;&timestamp=1692717183997;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5A34 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5KLO7sbwgAMVVt0RCB3HcAbLEAAYACDwwe5cQhMIhNSt7sbwgAMVTYiDBx05oQ-3;met=1;&timestamp=1692717183997;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,10401,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 355A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,10401,0,0,0%26mtos%3D0,10401,10401,10401,10401%26amtos%3D0,0,0,0,0%26mcvt%3D10401%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10567%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D206%26dur%3D21418%26vmtime%3D10583%26dtos%3D5306%26dtoss%3D3%26dvs%3D5306%26dfvs%3D0%26dvpt%3D5306%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D33555219%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,5306,5306,5306,5306%26qnc%3D0.83%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D2047%26psv%3D2046%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10401;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE&sigh=hYwKDNnyrJA&label=videoplaytime50&ad_mt=10584&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,10401,0,0,0%26mtos%3D0,10401,10401,10401,10401%26amtos%3D0,0,0,0,0%26mcvt%3D10401%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10567%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D206%26dur%3D21418%26vmtime%3D10583%26dtos%3D5306%26dtoss%3D3%26dvs%3D5306%26dfvs%3D0%26dvpt%3D5306%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D33555219%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,5306,5306,5306,5306%26qnc%3D0.83%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D2047%26psv%3D2046%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10401&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,15710,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 355A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9YaS78bwgAMV0FBBAh0OSgfKEAAYACCloKRdQhMIyYbo7sbwgAMVhqh3Ch2AGQKB;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,15710,0,0,0%26mtos%3D0,15710,15710,15710,15710%26amtos%3D0,0,0,0,0%26mcvt%3D15710%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15876%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D52%26pst%3D206%26dur%3D21418%26vmtime%3D15896%26dtos%3D5309%26dtoss%3D4%26dvs%3D5309%26dfvs%3D0%26dvpt%3D5309%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D33555219%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,5309,5309,5309,5309%26qnc%3D0.83%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D65535%26psv%3D65534%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15710;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 355A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=ChDwnddDkZIn4MobR3gOAs4iICMzc7OlvwqW0wd8RwI23ARABIMXwzoQBYJXy_YGUB6AB95vt4CjIAQWoAwHIA5sEqgTvAU_QFqeVlpHih7CaK3xCwmZ9b_Am5Qe9yDU6M0cHJhpIsM5OyUr5rsXzJWHmm5u2qRsw3xspZWVSPC8NL4c2oGXP0nVp6r-G7U6MtWsR8miQtxGqcdyGeGRyayFxPxq9CvM3fl7e31OeGstXJ895os5gfQDKpedZtClpJ3HbHYE7dYvjC96O1o82dlZ3hZJI0btgLvtBoSlOv0NLsTs3uE0zr_fWFWXanvZn1O3PpAE7ce4lwu0GOgJsy5M1A6j--G8chXtMXpArnmg4LyBcUjB1JIhV7ka_WPzmm4l4-qBLvG3xpnNv-dw6Y1kwAAA6wAS_h_vwggTgBAOIBYiJ5pNCkAYBoAZ2gAf3073AA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB4AsBgAwBqg0CREXIDQGwE4_xuhTQEwDYEw2IFALYFAHQFQH4FgGAFwE&sigh=hYwKDNnyrJA&label=videoplaytime75&ad_mt=15896&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,202,359%26tos%3D0,15710,0,0,0%26mtos%3D0,15710,15710,15710,15710%26amtos%3D0,0,0,0,0%26mcvt%3D15710%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15876%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D52%26pst%3D206%26dur%3D21418%26vmtime%3D15896%26dtos%3D5309%26dtoss%3D4%26dvs%3D5309%26dfvs%3D0%26dvpt%3D5309%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D33555219%26c%3D0.83%26mc%3D0.83%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,5309,5309,5309,5309%26qnc%3D0.83%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D806237280%26psm%3D65535%26psv%3D65534%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15710&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1692717174748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 15:13:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2194730263&i4=217.114.218.27&r=https%3A%2F%2Fbewab.co%2F
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| documentPictureInPicture object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery object| advads_options object| advads object| html5 object| Modernizr object| advads_items object| advadsCfpQueue function| advadsCfpAd object| googletag function| gtag object| dataLayer function| advanced_ads_check_adblocker function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_images function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading object| advanced_ads_pro_ajax_object object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| advanced_ads_layer_settings object| advanced_ads_layer_cache_busting function| layers function| advads_layer_center_if_not_sticky function| advads_layer_gather_effects function| advads_layer_gather_background function| advads_layer_gather_auto_close function| can_remove_background function| advads_check_item_conditions function| fancybox_display function| advads_layer_call_display_callbacks function| advads_extract_custom_offset_from_class function| advads_extract_duration_from_class function| advads_layer_display_background_callback function| advads_display_effect_fadein function| advads_display_effect_show function| advads_display_effect_slide function| getSupportedTransform function| set_ad_transform function| advads_layer_close_item function| advads_layer_close_items function| ouibounce object| advanced_ads_sticky_settings function| advanced_ads_sticky_check_position_fixed function| Cookies object| ezTOC object| advadsCfpInfo object| advads_admin_bar_items object| advads_passive_placements object| advadsProCfp boolean| _pxft_iel_init boolean| pxft_first_init_iel_activated object| aniplayerPos object| twemoji object| wp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| setCookie function| getCookie function| createGeoRestrictionCookie object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing number| google_unique_id object| webpackChunk_aniview_player object| avContentPlayer object| gaplugins object| gaData object| __uid2SecureSignalProvider object| __uid2 object| pbjs object| regeneratorRuntime object| ox_esp function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| storageAni object| advads_passive_ads object| advads_passive_groups object| advads_placement_tests object| advads_ajax_queries object| advads_has_ads object| advads_js_items object| rules object| GoogleGcLKhOms object| headerBidParamObject object| attrData string| pxft_clear_cache_flag undefined| pxft_first_init_activated undefined| attrDataArray object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture object| ID5EspConfig object| advanced_ads_sticky_items boolean| isPxftLibrariesPending function| findCMP_PixFuture object| pbjs_pixChunk object| pbjs_pix object| mnet object| pxft_googletag object| google_image_requests

160 Cookies

Domain/Path Name / Value
.bewab.co/ Name: _ga_MGC1XL39YR
Value: GS1.1.1692717172.1.0.1692717172.0.0.0
bewab.co/ Name: __oagr
Value: true
.bewab.co/ Name: _ga_XDLCPDXTLX
Value: GS1.1.1692717172.1.0.1692717172.60.0.0
.bewab.co/ Name: _ga
Value: GA1.2.1245587961.1692717172
.bewab.co/ Name: _gid
Value: GA1.2.1804785126.1692717173
.bewab.co/ Name: _gat_gtag_UA_254651219_1
Value: 1
.criteo.com/ Name: uid
Value: eb6d3fb8-194a-4fb3-ad9a-84eca219bb11
.openx.net/ Name: i
Value: f1a8e139-eea8-43c3-a0e5-9ad626caba00|1692717173
.bewab.co/ Name: cto_bundle
Value: gdkBiF8lMkJOU2NBNSUyRkdCY2J6RUtnQmNSNERsaFBrOUtVT1RJY3lpa0NUaFBLOEZ2eUYzbDBsNHZoVUM3ajBuZm9jTlVoRTNZVXVLMUpvOUxwbHp3UTJJZFlWUnFTSXJRbDdKRmpmVklVcTFMUHFFTURZdFdMMnplTnV4elV6TllZdG1SMUE3UEdhRHBpS3NNWjh3YlFmT1RFYmR3JTNEJTNE
.doubleclick.net/ Name: APC
Value: AfxxVi4R6Lrz2VoKMxNNt7bZHFP_IITkJR3WbHKTL0nhQkVX1xthcg
.doubleclick.net/ Name: IDE
Value: AHWqTUmhIU4DR2v1XP3TAsdNWCdcXRAY0PWsP2lfm9t2eShsSHmbhtc-k3g1R-rg
.aniview.com/ Name: aniC
Value: 1692717173004-960420603629-001257-006-009793
.bewab.co/ Name: __gads
Value: ID=b97fe506617760f8:T=1692717172:RT=1692717172:S=ALNI_MaAyBZemUt06OcBLpgzdcKeT-pENg
.bewab.co/ Name: __gpi
Value: UID=00000c65f80093c4:T=1692717172:RT=1692717172:S=ALNI_MbGbpoODf-7sDtZ8x2hLCGXMf3Kzw
.casalemedia.com/ Name: CMID
Value: ZOTQdTTaCGWnmtdMMEnXvgAA
.casalemedia.com/ Name: CMPS
Value: 1131
.casalemedia.com/ Name: CMPRO
Value: 1131
.adnxs.com/ Name: uuid2
Value: 1767717742930980986
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A9sZVzwL8wlvqzeeAZ1pE5jCAYX1vrKFH
bewab.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bewab.co/ Name: _pubcid
Value: 5afaae23-7d3f-4f70-841b-e49e860a3118
bewab.co/ Name: _lr_retry_request
Value: true
bewab.co/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: anj
Value: dTM7k!M4.FCxrEQF']wIg2In<n6MHi!fsuh-Nm+Rnb.s-Z=4.Sr0$EWqA01G*+62+qjyr/HSV%X+LlZnAvI1TJn!2$GdD0[%p[s>%q)3R0Xn=T
bewab.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-22T15%3A12%3A55%22%7D
.rubiconproject.com/ Name: khaos
Value: LLMG3NL7-N-DMBS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrQ5BGaxdjg/rU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDnOB2RLLzYRYRe1Ud9IgnUNIHHY/eKfzM2RGgOhmcs0aIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.go.sonobi.com/ Name: _usd_bewab.co
Value: 19798ab2-bfb2-4432-bf95-036d21e7b2dc
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 20182374
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 20182374
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 20182374
.go.sonobi.com/ Name: __uis
Value: a8bdf272-b402-4048-b7ac-88170109231c
.go.sonobi.com/ Name: __uin_yh
Value: y-qt9rV.pE2uHRu1_1m4IU5attbQwWUnYLy1SdVGI-~A
.go.sonobi.com/ Name: __uin_tl
Value: 1343586008453690798743
.go.sonobi.com/ Name: __uin_vb
Value: abec996e-e369-4924-bb81-dcecbbbc478c
.go.sonobi.com/ Name: __uin_ox
Value: 29072fb7-8387-9734-976d-ea972726d667
.go.sonobi.com/ Name: __uin_td
Value: 3295c010-51fd-4362-a019-4e7ce9ead7cd
.go.sonobi.com/ Name: __uin_co
Value: a4ed66d9ad24461bad66d9ad24161b23
.go.sonobi.com/ Name: __uin_zt
Value: 1977432091299532488
.go.sonobi.com/ Name: __uin_bw
Value: 684649b9-3c95-4149-ac33-562126c6296e
.go.sonobi.com/ Name: __uin_an
Value: 1562162997325724541
.go.sonobi.com/ Name: __uin_i5td
Value: 1c16134a-c5e5-4a4b-be67-01e6929fdfe2
.go.sonobi.com/ Name: __uin_rh
Value: l3z5wPoIzLxXg91jIrL8
.go.sonobi.com/ Name: __uin_i5bw
Value: 7c1e2dd7-4221-40b3-a218-e74c3b702fdc
.go.sonobi.com/ Name: __uin_pp
Value: gOmu7B9gQjsv
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AM20AgHu8EED3r/p
.zeotap.com/ Name: zc
Value: a452d295-2545-4f0e-4080-766c2b20dc18
.adfarm1.adition.com/ Name: UserID1
Value: 7270164908032129181
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
.tapad.com/ Name: TapAd_TS
Value: 1692717175940
.tapad.com/ Name: TapAd_DID
Value: f9af2bef-a57b-498c-b91d-be9cabc6d192
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adform.net/ Name: C
Value: 1
.gumgum.com/ Name: vst
Value: e_d158073e-b266-4791-a7f9-e635cfae1bd2
.quantserve.com/ Name: d
Value: EIsBCwHiKfijAA
.quantserve.com/ Name: mc
Value: 64e4d078-08c54-d8df1-7a010
.adform.net/ Name: uid
Value: 7878324549133378996
.ctnsnet.com/ Name: cid_d32d480310104db794bd71c08ab813dc
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: BwraaGnGciwH44
.demdex.net/ Name: demdex
Value: 47705237612896786474595088793541392144
.yahoo.com/ Name: A3
Value: d=AQABBHjQ5GQCEEKtBaKvcXC2YP_ce7P65uIFEgEBAQEh5mTuZOAXyiMA_eMAAA&S=AQAAAspnjlcqZ2rFgbispUQR0yA
.simpli.fi/ Name: suid
Value: A6AAA59147444CFD9538627625B7FAC6
.turn.com/ Name: uid
Value: 8800757208030716490
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjMzNTYxtzQ2tBTiM9QNMy-LzA_0D8_Icc0EAJc6XIolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjMzNTYxtzQ2tBTiM9QNMy-LzA_0D8_Icc0EAJc6XIolAAAA
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_40d96481-2f8c-4952-b87e-2b57a03be6f5
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2dhr
.de17a.com/ Name: guid
Value: 1.193533971124354479
.csync.loopme.me/ Name: viewer_token
Value: 4718e834-f3ad-4008-8889-e2def518d5e2
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-8a4cf9f4-cabf-338b-b4cc-a3c979c11c6b
.dpm.demdex.net/ Name: dpm
Value: 47705237612896786474595088793541392144
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1767717742930980986&KRTB&23339-1767717742930980986
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7270164908032129181&KRTB&23369-7270164908032129181
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7878324549133378996&KRTB&23263-7878324549133378996&KRTB&23481-7878324549133378996
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8800757208030716490&KRTB&23150-8800757208030716490
.adsby.bidtheatre.com/ Name: __kuid
Value: 8c216082-6b04-48d2-8259-03f36fd72627.461931176
.creativecdn.com/ Name: u
Value: IN3y0qPESdOIdb6gFtlf
.creativecdn.com/ Name: ts
Value: 1692717176
.krxd.net/ Name: _kuid_
Value: PwCUHxUA
.richaudience.com/ Name: avcid-zeo-uid
Value: a452d295-2545-4f0e-4080-766c2b20dc18
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENsfMNcbw3blq449yfwbz-U&KRTB&23025-CAESENsfMNcbw3blq449yfwbz-U&KRTB&23386-CAESENsfMNcbw3blq449yfwbz-U
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV&KRTB&19420-6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV&KRTB&22979-6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV&KRTB&23403-6agVhLusR4jyrEjT6qhd1Of4FoHyqxGA7qxahYFV
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5141210826653479319
.adx.opera.com/ Name: UID
Value: OPUd49150529e0e422c85fa709748dcc170
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-193533971124354479
.bidr.io/ Name: bito
Value: AACwYk7JyaEAACUrYbQv4Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidswitch.net/ Name: c
Value: 1692717176
.bidswitch.net/ Name: tuuid_lu
Value: 1692717176
.bidswitch.net/ Name: tuuid
Value: 1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZOTQeAAKgvf2ywAN
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&KRTB&23413-7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&KRTB&23479-7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&KRTB&23505-7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6cdd5cbc8441db71
.onaudience.com/ Name: cookie
Value: a1e61fe02083932c
.onaudience.com/ Name: done_redirects104
Value: 1
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_adc113d2-992c-4657-94d4-661d9700fa2b
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-HHt10NrrgbnUbMnaXaSYRYXj
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1f1b1c7c-62f5-4a4a-a13c-499f3b5f17a0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A4W6cE2Mn0APj22zMGvaNxw
.fwmrm.net/ Name: _uid
Value: "o2175_7270164912297837300"
.outbrain.com/ Name: obuid
Value: ce6dc74f-0ec8-421c-8c11-d6bec470838f
.ipredictive.com/ Name: cu
Value: b71c1241-8923-43d2-83f2-50c0cc3321ae|1692717176425
.gammaplatform.com/ Name: _aGeoIp
Value: BR|Araci
.gammaplatform.com/ Name: _aUID
Value: qad0xifweuyi
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-qad0xifweuyi&KRTB&23446-qad0xifweuyi&KRTB&23465-qad0xifweuyi
.audrte.com/ Name: arcki2
Value: c8h7mEpf3rgTbW-qFDlW4QRow!20220908!1692717176528!ip#217.114.218.27
.audrte.com/ Name: arcki2_pubmatic
Value: 7A955F6B-8022-4A5D-A5D5-BAE90BEE0988!20220908!1692717176531
.smartadserver.com/ Name: pid
Value: 2586407152700043406
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACwYk7JyaEAACUrYbQv4Q
.audrte.com/ Name: arcki2_ddp2
Value: c8h7mEpf3rgTbW-qFDlW4QRow!20220908!1692717176705
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlkbgiEZgaWxqtEkfjmphYA6u6CpSAAAAA
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQU0yMEFnSHU4RUVEM3IvcCIsImV4cGlyZXMiOiIyMDIzLTA5LTA1VDE1OjEyOjU1LjkyNzQ0MTgwNVoifSwiZ3JpZCI6eyJ1aWQiOiIxZjFiMWM3Yy02MmY1LTRhNGEtYTEzYy00OTlmM2I1ZjE3YTAiLCJleHBpcmVzIjoiMjAyMy0wOS0wNVQxNToxMjo1Ni44MDI5MzA4MDRaIn19LCJiZGF5IjoiMjAyMy0wOC0yMlQxNToxMjo1NS45Mjc0Mjc5NjhaIn0=
.mfadsrvr.com/ Name: tuuid
Value: c1057d6c-25d9-48a7-9e61-87193fbeb6b9
.mfadsrvr.com/ Name: c
Value: 1692717176
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692717176
.zeotap.com/ Name: zsc
Value: %DE%A7%2F%19%EE%90j%E7w%BDKm%9C%EERV%CB%EAcQ%D8%9E%87%C5O%ADU%C1%1Eg%8E%7B%0EfV%D2o%F1%93%0A%A7%D7%AF%E6%28%F7%D9lQ%9CC%9B%23%02z%09m%8C%8C%CE%AB%17%8Fx%88g%B7%93%22%40%DB%5E0T%3B%244%9C%03l%03%B5%A2%CD%BC%C5%8C%B9%F6%B5o%C5%F3%40%13%9C%0A%F3%C8H%C9%C4%3D%1A%2A%FF%EF%C4%09%95T.%0B%1E%B7%21P%8B%E4%D8S%1E%B5%A6%03%E4%10%DFD%5D%B8%BD%60%EC%AFg%FC%E4%EF%94f%A0%BA%04%E9%2B%17%8F%1C%2C%C8%3Am%8F%8C%00%7C%B6%1D%81Ki%BCP%3Ax%23%A0
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACwYk7JyaEAACUrYbQv4Q
.bluekai.com/ Name: bku
Value: rlQ99cMx8susAXWU
.bluekai.com/ Name: bkpa
Value: KJy91ye1d02pSUHknp1ymE9lwtkAwEaZjEBZ1Ez8nEjZBEA+BsHijiNi1expnVxNjeWl1EOCjEQNBx1959XBty==
.mfadsrvr.com/ Name: ssh
Value: !sonobi,1692717176
.audrte.com/ Name: arcki2_adform
Value: 7878324549133378996!20220908!1692717176896
.w55c.net/ Name: wfivefivec
Value: o7S1y7p01Qyt3W5
.w55c.net/ Name: matchcasale
Value: 5
x.videobyte.com/ Name: vbxuid
Value: b2224809-68ef-40a0-8d1e-0134f57dc857
.go.sonobi.com/ Name: HAPLB8G
Value: s8578|ZOTQf
.adtelligent.com/ Name: a733849
Value: 1767717742930980986
.adtelligent.com/ Name: a743293
Value: 7878324549133378996
.console.adtarget.com.tr/ Name: vmuid
Value: 4af7eeb42ca61827
.console.adtarget.com.tr/ Name: a307080
Value: IN3y0qPESdOIdb6gFtlf
.console.adtarget.com.tr/ Name: a749789
Value: 7878324549133378996
.adtelligent.com/ Name: vmuid
Value: 9f310746d7a6ab44
.adtelligent.com/ Name: a307971
Value: AM20AgHu8EED3r/p
.adtelligent.com/ Name: a318342
Value: 4af7eeb42ca61827
.pubmatic.com/ Name: DPSync3
Value: 1693872000%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1693872000%3A46_88_264_13_21_204_166_161_176_71_251_3_249_54_56_22_220_214_254_233_234_99_238_55_165_243_8_81%7C1697846400%3A69%7C1693267200%3A15_223_2%7C1695254400%3A203%7C1693958400%3A35%7C1693526400%3A63
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1692738779167
ads.playground.xyz/ Name: connect.sid
Value: s%3AoRFekvhjbdM4Zf_udO6c8G8KZV2svfD0.nZ%2Fuo6f7eGoLl7SAjXuzY2dFbNciw7%2FquK7yk42X9sc
.onaudience.com/ Name: done_redirects161
Value: 1
.semasio.net/ Name: SEUNCY
Value: B9ADC09B93A6F84D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-14833bb0-634b-42d3-a806-e15b67f31889-003%22%2C%22nxtrdr%22%3Afalse%7D
.exelator.com/ Name: EE
Value: "e2d280a150659a4f04621579ea204b5f"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHVKMXIwiDR0NTAzNQy0STNwMTMyNDU3DI10cjAJMk0bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR%252Flew4Aa4QptQ%253D%253D"
.onaudience.com/ Name: done_redirects147
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-14833bb0-634b-42d3-a806-e15b67f31889-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-14833bb0-634b-42d3-a806-e15b67f31889-003&KRTB&17107-RX-14833bb0-634b-42d3-a806-e15b67f31889-003
.pubmatic.com/ Name: PugT
Value: 1692717178
.tribalfusion.com/ Name: ANON_ID
Value: a7ntuJwyEoipuMNpaXU7dMZcvYpLVfymr6SqgScVUQDZcEvCTZa3QYS7u33Zbg6DHCZdM0jNbqakWZcRPaQaQTKRZcVw0uG
.adtelligent.com/ Name: a558003
Value: 7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
.adtelligent.com/ Name: a281178
Value: 7A955F6B-8022-4A5D-A5D5-BAE90BEE0988
.pubmatic.com/ Name: SPugT
Value: 1692717180

25 Console Messages

Source Level URL
Text
javascript error URL: https://bewab.co/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://bewab.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bewab.co/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=217.114.218.27&r=https%3A%2F%2Fbewab.co%2F' from origin 'https://bewab.co' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2194730263&i4=217.114.218.27&r=https%3A%2F%2Fbewab.co%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7A955F6B-8022-4A5D-A5D5-BAE90BEE0988&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=927a4eee13039382
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a452d295-2545-4f0e-4080-766c2b20dc18&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D927a4eee13039382%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://tags.bluekai.com/site/87734?id=a452d295-2545-4f0e-4080-766c2b20dc18&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=c39eae67-ec26-47a5-792e-2433cf2b8dac&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=a8bdf272-b402-4048-b7ac-88170109231c
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=ffc35844-9515-489c-bfd4-f1b7d0dfd34e
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=a8bdf272-b402-4048-b7ac-88170109231c
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D61085dcf412aa42c%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a452d295-2545-4f0e-4080-766c2b20dc18&reqId=2b69fc75-c4b5-4bba-43c6-27880b29d3e3&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=1fe3f179-6f59-4dbf-b043-d5d1710ae855
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://aax-eu.amazon-adsystem.com/ecm3?ex=sonobi.com&id=1fe3f179-6f59-4dbf-b043-d5d1710ae855
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

563fba852a11aeadff547a297a8709c5.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
b1sync.zemanta.com
b355c6590109b579480047187bdc9fbf.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
bewab.co
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bn01.er.bemail.it
btlr.sharethrough.com
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pixfuture.com
cdn.prod.uidapi.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
csi.gstatic.com
csync.loopme.me
d.turn.com
d5p.de17a.com
dis.criteo.com
dm.hybrid.ai
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
get.optad360.io
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
go1.aniview.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
lh6.googleusercontent.com
loada.exelator.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixfuture2-d.openx.net
play.aniview.com
player.aniview.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
pubmatic-match.dotomi.com
r1---sn-4g5edndz.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssl-market-east.smrtb.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
tg1.aniview.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.gumgum.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.videobyte.com
api.rlcdn.com
fid.agkn.com
match.bnmla.com
ssl-market-east.smrtb.com
104.79.89.214
107.20.253.198
137.184.242.150
141.226.228.48
141.94.161.158
141.94.171.212
141.94.171.215
142.250.185.194
142.250.185.66
142.250.185.98
142.250.186.34
151.1.205.165
151.101.194.49
159.89.246.130
161.35.253.218
162.19.138.118
162.19.138.120
162.55.120.196
162.55.233.29
169.197.150.8
172.64.148.101
178.250.1.9
178.250.7.13
18.193.141.18
18.198.126.47
184.72.156.158
185.15.245.82
185.183.112.148
185.184.8.90
185.64.189.112
185.64.190.80
185.80.39.216
185.86.138.123
185.86.138.151
185.89.211.84
188.166.17.21
193.0.160.130
193.3.178.1
193.3.178.3
193.3.178.4
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.23.197.190
2001:4860:4802:32::3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
202.241.208.54
205.234.175.175
208.93.169.131
209.205.197.154
209.205.201.34
209.54.182.161
213.155.156.182
216.52.2.30
23.227.139.243
23.227.151.226
23.32.184.192
23.60.204.187
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a
2600:9000:2250:7800:a:e047:753:6381
2600:9000:225e:9800:11:a4de:2580:93a1
2600:9000:238d:a200:6:b871:4f00:93a1
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:10::6816:3556
2606:4700:20::681a:644
2606:4700:20::681a:e3e
2606:4700::6810:3865
2606:4700::6810:5814
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:1a::6
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2010
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:400c:c09::9a
2a01:4f8:262:3e0c::2
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:7b5::2c79
2a02:fa8:8806:13::1370
2a02:fa8:8806:13::1460
2a04:4e42:200::300
2a05:d018:24:b002:30d4:cd9b:2350:dbd6
2a05:d018:d29:3602:5341:747:cc9:c512
2a06:8640:454:0:e082:abff:fefe:d1d2
3.120.23.80
3.122.33.96
3.140.85.27
3.221.13.170
3.75.62.37
34.102.146.192
34.102.163.6
34.102.253.54
34.107.148.139
34.111.113.62
34.111.129.221
34.111.131.239
34.120.107.143
34.160.236.64
34.247.233.198
34.249.132.204
34.253.249.200
34.96.70.87
35.156.208.169
35.157.245.159
35.158.0.70
35.186.154.107
35.186.193.173
35.204.158.49
35.210.239.72
35.214.143.153
35.227.252.103
35.244.159.8
35.71.131.137
37.157.4.29
37.157.5.132
37.157.6.233
37.18.16.22
44.205.87.2
46.228.174.117
51.89.9.253
52.211.223.84
52.222.139.112
52.31.175.73
52.45.96.25
52.48.19.12
52.49.6.152
52.72.179.138
52.72.213.198
52.73.44.187
52.94.223.37
54.195.201.40
54.211.96.115
54.85.70.234
63.251.232.165
64.202.112.127
64.233.166.156
67.202.105.31
69.16.175.10
69.166.1.66
69.166.1.8
69.173.144.138
69.173.144.139
76.223.111.18
77.243.51.122
77.245.57.72
8.2.110.24
80.77.87.161
81.17.55.171
82.145.213.8
85.114.159.118
95.101.148.20
95.101.54.233
98.98.134.242
98.98.134.243
002dc5259c3ec3123809c376af2f9120aa2a726292356ab8a468e820a824f5e3
054fdabf923823ad13846b5c82123680df2d97864f5f1aadf6934ea7cfa4e2c9
0588584c7df8f66eec58d51819176498188da099f6f38686fbea9605e8e66476
063c75f38851ae9672f4648fd9fb7fe4a9f03b6d668fa43c0302e69dd210ff44
073f513e2ef1e863d7b6e4a550303e57d449dd7ce614815a8afbc764cdccfd25
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925b2e8cb55018e1ae78e1f706561044659393ec4d0053fb34bb9355feae410
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031
0d894ed8c055e8dc3c159d1b692d4d3c0365d901576bcd331dee477c46772cb7
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0e1c641233311962fb29932594790717d9c2b1d8f5427991fb6eca127fb87b21
0fea30e85a1d525bb37a85eeebb9b9edbf0eb8318aaaa8b40f24e8ab2c4fa2d4
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
16168cc67a258c6283baff719456183df2406d5e0459d026b9c437d88cc6c1a1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c48a7164aecab76b2fb3aade87c4e0579927f3bd11bf943674fc712824b9f8b
1d9589136856e9fa3302e22366121ecc44c06dbee390f9cef2acce74023e81e1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21b5db1ff4c0dcd85d7304e3d87b601d3112d35485e961ab2cc436a947ff0796
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
2409b5ebc46d5a20b30aceefd8b635780779251625e58ce4ebbe4087db6806b9
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
25f2e84e9b0964761412e1f80cb1b48216743506c2749ed5f0df3dc3c38ae3d3
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2bf866a08b86c6f83921e870b1edb343d6a480e74de418dbadabfc7ada7b67b4
2cd7b175170604bfffc755a51456abea6a1c7a9d44c9e71f51cf7ac024ad90b5
2de507d08dffeb969d4275afac9419997b0e100fbff0f6c5db252d6313fd7e5f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeafbf6e8c39cb74e58548f68bca84b2a785ae31e065f81b01247cb2bbba3a2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3259ca7d3e09ade842ae522f7808dfc053a5d9bf7e19ea5ae94403558a361e86
333d1ecbcaaf920e87b5f740ddc959240e049f681bb7047a2f68f1dc834cff69
336ed034f793c16c4ff629529daa259667d7eef2e6963ec2c34759c48ae3aca0
34407b0594d238989c523216611230dba23c069779ea875df9c5c527d166be95
3557498bf36942fae9e543d9948cb135f96a95751af6758261170641cd34b8b0
35595a5dfea49749f877210a849347ea6ab499277e5fec8270e1bba3f8bc91f7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3a86cdada5e5a31807176f2881b5b196dedbec52d01a47865d9ccbf6f8e33f23
3cf7508697d20aed7674f1be23c3f1c7671afb9d6d9bf5ded1521c8f3397ef99
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40075559be6a25f91cda363732a2130b3f860bb3cee22dd480e9b16bd30374e7
4079e147b052a7f8bcb8008236d3d610d33db43e38b3264d018d6147a736657f
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43c53bf02a155e3bee7d97c88d2566d03dea26793bb52916aa1effd4452305b3
44063b3ab01f27c10689bc9a95378354846eea7a8f4120db6af7af32e6c24a68
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4658ea25e50b7e54308130f0954623461ee7a40e140f7d5e14944c1e7fe5d53a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b682983548f7d93efbd9418efbc83c57e0a9d810c5041548df280e9ff1eb07
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4c2bbbb5c5f4c4757aa651d7d97109fcc5309df91c17b2ba54cf34db0d0c3f8e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fabb325b1fa4841047a48eef9a145e520c0cb1ea5d5d7a00f65359fbbbae089
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9
534220b4f3179db2c286849d8c96dc052b279e5379fd4f27f8ddecf0579b1c24
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
54f478b2b3d77c417340324cf823f478d0d79a152480cb59ed6e3c9c29149f7d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56970f4953389c6f130042268b12e31a344ee3c3aeb26681c0b9a44bf2f07178
5727767939548153a52ecba13f639097f268dba279fd9d72c221feb73ccf232d
596904dd33536d79738684a77ca4301a01e05993c790596aff353435c1165753
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898
5b8010828c6ab8fd130895601e516bfb4e5c44ba4f87945f3f867a54e24bb5b8
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ca1bb41f8bd235c016c81e22a5be19fafddf755798a6e74420ae21174534595
5d1bb4799403d6012b3bd19e3d43506d76135deb05e9a61cb5690ddd8e43952a
5da22baf9aa30bfaf18f88e146e45bbd7dc2162ec1115fffb4e4a2449a79d9c9
5f7b2658feda172c9f2eeb30c6de5b131956849f8211da2411bb43c2ce859dde
6101ffc555b5aa289fa5fb81b7f9827a476f2c97e32f583f7b2f55d0acf4a700
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63752a316c0a0ee94f36930d4b559a658c2286dd12a061637044a8ddca1c5bfb
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275
6a156519b783c083e2c25ed5c49c00dd956d6be26a347ef09a77221abbed33e9
6a1d4dfa48928d1c3a4af6d9dfdb7cdec990894056ed115ddbaacda3acd700a9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f83d6d161d5d98ac0a6305e882cbf211c330178f30bac4095f967b5475c0e92
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
73f026758bcc856339170fe8ccf2a5011d15f9e83942d33436b84682f8306bc7
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a8c5e6235454edfd93da7f240d42634cc3d6d6394158c691a6ddc060222174f
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e07c83d1c72a29cc58bb398ee14506d8c07d5c1364be6129a11bc667177d6f6
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8866873b1c30b2b38229419bb34353aeb1f5910015e12494cf78984d6062ddee
8948d281f636563ad0395e60553a019752cbbb3299a967278cc31fd152458b6d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92076460499b9d3354f22b00ff3e551c90499b77c139c5b5a56df0f9d81a4249
92813fc83e52b2ebc494465b144483d07e7552fc936261292c1ffa977d0118f3
92e748bb356c857acdd8455d5ad749a5072f693414f663fca0a08de1ee48e1b4
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9657d5263e5e96c86cad1555efef026b635b6acba0ca99af4df82637cf875df8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
982556d28de29665e38b1d8730e9fe7a36726146f333521f1e5088f722f30696
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b73626834d588ad05f3e4119f9af8370be6029cd8b467442cc6cf0d63786ea
a11812e6464df5f4feb872949d4c5f8c4a62f93c5060f4ed5f3cc4e9c93bc28e
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a61544bf1f5f6c8aaf3930d0f753c2247791c5bf0941c359573673da05b68ce8
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a92da9304a9303782c25147a1dce9f4e6eaf5a355d7b46d711cf252ad563edad
ac1950bdeb5f114cba1f9440c556f7dcb39865483512ebfdf6ff374ff05ff931
ac1cdabac1764a0230ff8cae64edf9f287f0d7c7d88798e43a07d3c1ea0ff095
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b36c16f4c6311741f1986f446812c9413246fb90a309f38a58248545c8d48b0c
b57b741c07b1df2e463a50420994f94c3e54cb915e915ba74f7a761e74fff63c
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b70a75be82cac722f819acde0d2045fdb48549cc5f3e157764f2d1ee33020b46
b7c2730bbf91156366b00f43d97c51a2653a809188a5dba6817d701429166360
b896fa5fe0e0b592fce7930f908fc84481d99bd2ed3651d71ebe364cdae53be2
bae648b29faf42984c65c90cea0c3e69a63b6a0271e971b68b400309278064e3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7852c01a176a13e3ec246f4dee078559e88116154700069f88e0f6a6569046
bcb58fce353ad45fa0174595ff691762a6c8a822bcfab7282cf2162d25d3d5a7
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c1a65c5cc63842478c419d113c2ed49e5605384d1e35b713aad5b797428089f3
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c259a4238c10ddf51140bca667633404eb18c266af607f04f2d8a9cc9f66ac5c
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c844ea3a4e9627e888b54efd92fc648130a8a4bc6ae5e29824a07343639c539b
caf73cfb77b7e7839f9f7f89129e4205469c656bc5772bab1f4fe30d0d64a8ea
cbb56f7cf8fbb4f82fc0a10f49cc492e0b3a6523f5c534bc96367fc456490d64
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
cf18cb5b3f858150a1cabfdbfe8342c3e7c2218065fd9b55384cfadbb693f610
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d23326872ecf307e6d927795a4e1a4f84d0eb2ad7267681b429f66c687e0cff2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3d08dbba3d454afd4f0542b16c24984a939f64bc49cee43a9b793a5e68b0ef0
d5b616aa4a87fad2c09898d6dfe9ffae5ceff31e2c25d93c7c3ea319d049cbfe
d683efb167e3bb56aa391b4b2996f937ea5c0868698da81f82d85f6f1cdcb9e8
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a
d9729ae97f8291b9390b5c1c788bdb4a89bd31780831930c726f5604ed16a2a5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd674217ca2f8ae785b700586fbfe7d29aed3fb00c460c2bcb7e4d76ebac5649
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dece7cbebfcff3aa1b576df47969cd000d598208c550c41dd55a49072c2c8e6d
e056d17bdecba103c1979966bd3de66946d555837c85e100e4a561716da691cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4689bcdb8ba0bcb0cd39d315341cc588dae4c4a52d0da051be9709157df0d86
e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018
eb489f28bc837188b5621aec657109294eff23ab6c2c11e8e66b899611d0d4d8
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ed422d718b8ac9148df79dd6b51623a846e0ae15c53f34c5841fb39517e1826b
ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2048458d4b3de4c4edd310d41c80fe05e454baed71df88ce20d34d1ca51a0b5
f32f632833ea4ce5973e916e262a4b1cc0e4f229396d2cc129be5522ce7ac2c2
f36d8a1ccd4d12529a6093aae8ea221dbc113e2e7f0835c871597b451fde5e09
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68cca8c9a9d2153a2d3d47603fe6496af1f3a51818fae1bc8014fe86896fac4
f7f9aa421701f26668b080f4d4e714ad8171f52ae6440b8d784e59c2fd69791d
f92b65e584c806a73e5f6c977ea25acda30b61248d2ff9ef6ae0f5127df5695e
f9603ca992294eae32f0dc6f0803db2384fb4bd1aba31359c45c22d68da7624f
f9927bfb66ff07054e2067c46efeb3e1449a0cbde713233fd68f0590989ffaf6
fc2e56eed566fbbb80c5147430c7cc78e953cc72707ed7b259c2b7e6647961db
fca12f526ff6386862e0eff9de7bb6c01ab5b7f6038fc9583e752ef782ae51ce
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff0184bcdd0a5de59b5ae6f4b1ca8d68e0e6661845b521a3e6efc3b63b21deaf