urlscan.io logo urlscan.io
SecurityTrails logo

pt.vermin-club.org Open in urlscan Pro
2606:4700:3032::6815:3503  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pt.vermin-club.org/
Effective URL: https://pt.vermin-club.org/
Submission: On March 02 via manual from PT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 13 countries across 82 domains to perform 304 HTTP transactions. The main IP is 2606:4700:3032::6815:3503, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.vermin-club.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time pt.vermin-club.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
12 104.19.136.78 13335 (CLOUDFLAR...)
3 151.101.1.195 54113 (FASTLY)
2 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
3 7 2a02:6b8::1:119 208722 (YNDX)
1 2a00:1450:400... 15169 (GOOGLE)
5 142.250.184.226 15169 (GOOGLE)
4 37.157.4.29 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
7 16 185.33.221.90 29990 (ASN-APPNEX)
4 216.52.2.39 29791 (VOXEL-DOT...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 185.184.8.65 204995 (RTB-HOUSE...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 147.75.38.124 54825 (PACKET)
4 212.77.99.29 12827 (WIRTUALNA...)
7 51.38.120.206 16276 (OVH)
1 2620:0:890::100 54113 (FASTLY)
5 104.19.132.78 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.98 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
9 12 142.250.186.66 15169 (GOOGLE)
3 12 184.87.213.8 16625 (AKAMAI-AS)
2 35.244.159.8 15169 (GOOGLE)
2 104.89.28.165 16625 (AKAMAI-AS)
1 2 52.212.39.74 16509 (AMAZON-02)
2 2600:9000:224... 16509 (AMAZON-02)
8 52.71.187.127 14618 (AMAZON-AES)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
5 2.18.233.180 16625 (AKAMAI-AS)
2 151.101.193.108 54113 (FASTLY)
2 212.77.98.32 12827 (WIRTUALNA...)
2 6 185.64.190.78 62713 (AS-PUBMATIC)
2 2600:9000:215... 16509 (AMAZON-02)
4 4 18.184.26.136 16509 (AMAZON-02)
7 7 18.156.0.31 16509 (AMAZON-02)
2 2 35.156.177.8 16509 (AMAZON-02)
2 2 3.231.111.247 14618 (AMAZON-AES)
4 4 96.46.186.59 7979 (SERVERS-COM)
2 54.36.109.183 16276 (OVH)
2 213.19.147.45 26120 (RHYTHMONE)
3 5 15.197.193.217 16509 (AMAZON-02)
2 4 52.46.130.91 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.209.195.4 16509 (AMAZON-02)
1 1 64.202.112.127 22075 (AS-OUTBRAIN)
1 185.33.221.53 29990 (ASN-APPNEX)
1 2 52.204.231.109 14618 (AMAZON-AES)
1 1 52.44.238.197 14618 (AMAZON-AES)
1 34.240.134.29 16509 (AMAZON-02)
2 3 104.89.45.32 16625 (AKAMAI-AS)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 4 37.157.3.29 198622 (ADFORM)
2 2 185.29.132.241 30419 (MEDIAMATH...)
11 185.64.189.110 ()
2 2 213.155.156.183 1299 (TWELVE99 ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 151.101.130.49 54113 (FASTLY)
1 1 52.1.164.170 14618 (AMAZON-AES)
1 1 23.88.75.189 24940 (HETZNER-AS)
2 198.47.127.20 ()
3 3 141.94.170.77 16276 (OVH)
2 2 52.30.14.23 16509 (AMAZON-02)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 169.50.137.182 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 3 18.194.159.8 16509 (AMAZON-02)
2 2 91.207.59.213 48061 (UMA-TECH-AS)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2a02:fa8:8806... ()
1 5.161.47.120 ()
1 72.251.241.196 ()
1 195.5.165.20 ()
1 2606:4700:20:... ()
1 1 94.23.73.243 ()
1 1 2a04:4e42:400... ()
1 151.101.193.44 ()
1 38.91.45.7 ()
2 2 35.158.245.151 ()
1 1 66.155.71.150 ()
1 34.242.212.194 ()
4 4 35.227.208.19 ()
2 35.201.81.244 ()
304 73
28    2606:4700:3032::6815:3503 (United States)

ASN13335 (CLOUDFLARENET, US)
pt.vermin-club.org
vermin-club.org
a.vermin-club.org
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
3    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
2    2600:9000:2156:ae00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2600:9000:2315:6c00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
22    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
16    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
5    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
7    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
site2text-2021.web.app
5    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
16    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
11    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
21    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
12    184.87.213.8 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com
sync.teads.tv
2    52.212.39.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-39-74.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2600:9000:224a:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    52.71.187.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-187-127.compute-1.amazonaws.com
dt.adsafeprotected.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2600:9000:2156:3200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    18.184.26.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-26-136.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.156.177.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-177-8.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    3.231.111.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-111-247.compute-1.amazonaws.com
ssp.disqus.com
4    96.46.186.59 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    54.36.109.183 (France)

ASN16276 (OVH, FR)
PTR: p08.id5-sync.com
id5-sync.com
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2a05:d018:d29:3602:8032:ea84:336c:262b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.209.195.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-195-4.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    64.202.112.127 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    52.204.231.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-231-109.compute-1.amazonaws.com
um2.eqads.com
1    52.44.238.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-238-197.compute-1.amazonaws.com
nep.advangelists.com
1    34.240.134.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-134-29.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    104.89.45.32 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-45-32.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
11    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.1.164.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-164-170.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    23.88.75.189 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de
csync.loopme.me
2    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
3    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    18.194.159.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-159-8.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    91.207.59.213 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp8.sender.ltmse.com
px.adhigh.net
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:16::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    5.161.47.120 (None, )

ASN- ()
matching.truffle.bid
1    72.251.241.196 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    2606:4700:20::681a:bd1 (None, )

ASN- ()
ad4m.at
1    94.23.73.243 (None, )

ASN- ()
green.erne.co
1    2a04:4e42:400::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.193.44 (None, )

ASN- ()
match.taboola.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    35.158.245.151 (None, )

ASN- ()
pm.w55c.net
1    66.155.71.150 (None, )

ASN- ()
pixel-sync.sitescout.com
1    34.242.212.194 (None, )

ASN- ()
rtb.gumgum.com
4    35.227.208.19 (None, )

ASN- ()
cr.frontend.weborama.fr
2    35.201.81.244 (None, )

ASN- ()
idsync.frontend.weborama.fr
Apex Domain
Subdomains		 Transfer
31 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com — Cisco Umbrella Rank: 419
image6.pubmatic.com — Cisco Umbrella Rank: 571
simage2.pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 774
image4.pubmatic.com
simage4.pubmatic.com Failed
aud.pubmatic.com Failed
54 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
156 KB
28 vermin-club.org
pt.vermin-club.org
vermin-club.org — Cisco Umbrella Rank: 971189
a.vermin-club.org
2 MB
24 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
228 KB
22 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 9020
sync.quantumdex.io — Cisco Umbrella Rank: 3073
4 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
498 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
acdn.adnxs.com — Cisco Umbrella Rank: 523
secure.adnxs.com — Cisco Umbrella Rank: 359
48 KB
17 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8333
c.mgid.com — Cisco Umbrella Rank: 6428
cdn.mgid.com — Cisco Umbrella Rank: 10514
servicer.mgid.com — Cisco Umbrella Rank: 8449
s-img.mgid.com — Cisco Umbrella Rank: 7801
cm.mgid.com — Cisco Umbrella Rank: 2218
170 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 660
static.adsafeprotected.com — Cisco Umbrella Rank: 500
dt.adsafeprotected.com — Cisco Umbrella Rank: 458
95 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
14 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
4 KB
8 adform.net
adx.adform.net — Cisco Umbrella Rank: 4064
c1.adform.net — Cisco Umbrella Rank: 524
3 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
4 KB
6 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
993 B
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
dis.criteo.com — Cisco Umbrella Rank: 617
2 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 28691
2 KB
5 connectad.io
i.connectad.io — Cisco Umbrella Rank: 6650
cdn.connectad.io — Cisco Umbrella Rank: 4108
sync-eu.connectad.io — Cisco Umbrella Rank: 2655
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
3 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1509
3 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
1 KB
4 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 22697
973 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
2 KB
3 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1469
mwzeom.zeotap.com — Cisco Umbrella Rank: 1307
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1868
1 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 825
1 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1957
pubmatic-match.dotomi.com
405 B
3 optad360.io
get.optad360.io — Cisco Umbrella Rank: 24237
cmp.optad360.io — Cisco Umbrella Rank: 37034
235 KB
3 zx-adnet.com
cdn.zx-adnet.com — Cisco Umbrella Rank: 135375
20 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
41 KB
2 w55c.net
pm.w55c.net
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
531 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11171
872 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 628
598 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
637 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
943 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2981
563 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
1 KB
2 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2888
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488
2 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 7118
583 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
479 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
479 B
2 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 29822
67 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 870
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 323
366 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
77 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1055
577 B
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130
360 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1689
24 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2926
69 KB
1 gumgum.com
rtb.gumgum.com
209 B
1 sitescout.com
pixel-sync.sitescout.com
336 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
326 B
1 ad4m.at
ad4m.at
891 B
1 iprom.net
core.iprom.net
277 B
1 adgrx.com
cm.adgrx.com
408 B
1 truffle.bid
matching.truffle.bid
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2130
534 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 381
537 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
216 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 781
615 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
177 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
501 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1943
232 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 528
317 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
792 B
1 web.app
site2text-2021.web.app — Cisco Umbrella Rank: 234139
323 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
1 KB
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 425
5 KB
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 audrte.com Failed
a.audrte.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 tribalfusion.com Failed
s.tribalfusion.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
304 82
Domain Requested by
24 a.vermin-club.org pt.vermin-club.org
21 s0.2mdn.net 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
pt.vermin-club.org
s0.2mdn.net
20 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pt.vermin-club.org
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 ib.adnxs.com 7 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
12 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 simage2.pubmatic.com ads.pubmatic.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pt.vermin-club.org
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
8 dt.adsafeprotected.com 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
7 image2.pubmatic.com ads.pubmatic.com
7 ups.analytics.yahoo.com 7 redirects
7 onetag-sys.com get.optad360.io
sync.quantumdex.io
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
5 ads.pubmatic.com get.optad360.io
sync.quantumdex.io
ads.pubmatic.com
5 s-img.mgid.com
5 mc.yandex.com 2 redirects
5 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
4 cr.frontend.weborama.fr 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 ads.betweendigital.com 4 redirects
4 pixel.advertising.com 4 redirects
4 googleads4.g.doubleclick.net pt.vermin-club.org
4 cdn.mgid.com jsc.mgid.com
4 ssp.wp.pl get.optad360.io
4 ap.lijit.com get.optad360.io
sync.quantumdex.io
4 adx.adform.net get.optad360.io
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
3 googleads.g.doubleclick.net 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
pt.vermin-club.org
3 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.mgid.com jsc.mgid.com
3 cdn.zx-adnet.com pt.vermin-club.org
cdn.zx-adnet.com
3 cdnjs.cloudflare.com pt.vermin-club.org
s0.2mdn.net
3 pt.vermin-club.org 1 redirects pt.vermin-club.org
2 idsync.frontend.weborama.fr sync.quantumdex.io
2 pm.w55c.net 2 redirects
2 px.adhigh.net 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ad.turn.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 usermatch.targeting.unrulymedia.com sync.quantumdex.io
2 ssum-sec.casalemedia.com sync.quantumdex.io
2 id5-sync.com sync.quantumdex.io
2 ssp.disqus.com 2 redirects
2 match.sharethrough.com 2 redirects
2 s.ad.smaato.net sync.quantumdex.io
2 std.wpcdn.pl ssp.wp.pl
2 acdn.adnxs.com get.optad360.io
2 cdn.connectad.io get.optad360.io
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 static.adsafeprotected.com 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects pt.vermin-club.org
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 www.googletagservices.com 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
2 www.google.com tpc.googlesyndication.com
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
2 cm.mgid.com jsc.mgid.com
2 prebid.a-mo.net get.optad360.io
2 web.hb.ad.cpe.dotomi.com get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 i.connectad.io get.optad360.io
2 useast.quantumdex.io get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 mc.yandex.ru 1 redirects pt.vermin-club.org
2 get.optad360.io pt.vermin-club.org
get.optad360.io
2 jsc.mgid.com pt.vermin-club.org
jsc.mgid.com
1 rtb.gumgum.com
1 pixel-sync.sitescout.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 spl.zeotap.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync-tm.everesttech.net ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 dpm.demdex.net ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 b1sync.zemanta.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 servicer.mgid.com jsc.mgid.com
1 site2text-2021.web.app storage.googleapis.com
1 cdn.jsdelivr.net get.optad360.io
1 storage.googleapis.com cdn.zx-adnet.com
1 cmp.optad360.io pt.vermin-club.org
1 vermin-club.org pt.vermin-club.org
0 sync.ipredictive.com Failed
0 a.audrte.com Failed
0 uipglob.semasio.net Failed
0 aud.pubmatic.com Failed
0 s.tribalfusion.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 sync.go.sonobi.com Failed sync.quantumdex.io
0 hbopenbid.pubmatic.com Failed get.optad360.io
304 119
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
www.drivermanager.club
GTS CA 1D4		 2022-01-07 -
2022-04-07		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2022-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
web.app
GTS CA 1D4		 2022-01-31 -
2022-05-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-14 -
2022-05-15		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh

This page contains 60 frames:

Primary Page: https://pt.vermin-club.org/
Frame ID: C44AB49C1F14EFD68E3371CEB6D6733B
Requests: 97 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1646245666928220452425
Frame ID: ED3EA7164577F1C0E3FB2D3EF53ED714
Requests: 1 HTTP requests in this frame

Frame: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1CDA8AB9CC3EFB221F6CB2165AEA4FDD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4D9E4CE78FBB58BD9FD726B90EBD1A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 962CCEAB21C3C6E41E32708B0D68029D
Requests: 2 HTTP requests in this frame

Frame: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 832F35F9D31DBDB16A4233C1B9B4299A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COykVhCv2FYYpMiiwwEwAQ&v=APEucNUk26LoHZRvl5As0eYU6b-W2jHKSTTKYqs3czP7EfFPUlDd5-u9fcLpcSslIQlaKLFbX0yjqRlwQYGDTQYpKw6uSCBv6l6lOzbKd-Qg3zFLvcgNtonEqTJKxmwY4F7uBsYjuCrsYxwSXdHISp7po4r9ngYJybeKDuMq1y8FF4oy5NiS35vu9MHj83yV0e10yi-q9JJZ9VYGl9VaNEzhZ-dYnafZ7A
Frame ID: 5885B6FD8956233AC6EC3047D4BA2FC7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9FDBFB1D8CB6041730C1710147BCE47A
Requests: 3 HTTP requests in this frame

Frame: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 740573F5A9E3BD56FA3A128C1D6AC019
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY-f6-vQEwAQ&v=APEucNUoV2vLN1eY3j7AEuz0WYETaWeM0QKHGhstZMWnNSwCFwOWTKlqWfr5nIZkrl8JyI8-yp4ydkxkCBmqY9F-SWnBwWXyDPDFQQBYEmUC7Q-4UDBZ1Mr5-S_PxjZyyr6X-Sy9lJHMhMst1em8sj84XLD-P9F3Ml2a1SBKI7IA-PJWDLg28oe5Buuzk9FhaLtXCpGqwjetZDS9dtzHZbvdC0SAiwsbHA
Frame ID: 2F0C8293618F99A88666609081AA552F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 15FD4AD6244FC777B0DEF33123CF8015
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
Frame ID: D14E22206A005B4DCDABF782D371C821
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F0B9A54FEC49A7A3A6B363599451E6D3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 7EBB130CC9C3DDFE5EB77FF3D49D640F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1646245666352
Frame ID: DF3E9C16443C112FF832397D4CC9E921
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 4D64388047ABD4A24B8D803E4A85E955
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 43E2D3D185CDECBF45BA946CA8BBC07C
Requests: 19 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 737A06D0F2070260C49021038D5B79E5
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1646245666353
Frame ID: 442F6FFCCF96C570584572DB7C0F7A98
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 41D342C2643E19B537B04B6D0A4D0485
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 32DD800C3537A6FB04E4D7082D2F6E15
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: B9D4D3AEA30ABD52B62639245D656F82
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C00CD60441154FEF5FB255F3791D4A01
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: C317999FE41CD2611EFA96BCC0471447
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9CAF66D38D9AB33A315E9BFA7CB7F2DD
Requests: 3 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 4FC3579B18CCF2F966E76001B8240D77
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: FFD90A7E69A6CA29AE7B3704FC31217C
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 380A1219AD416448C1C4E58F150611A3
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E8E8F420F9E782B4C3F97D3CA5B9070F
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: BB0E5D73B634A7B1A4932BDED4DA0FE4
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: ED2547D134D66E4F07607F49D2001754
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 08F72B1E3B868EACE38F0892315451D5
Requests: 3 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 5507A0723F80CAB0D54E45452E8831A4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E74DEC8A880A481D7DD554537505222F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F138CE2C87C4A8E162EACA5104428686
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 20B0407D891502904347385743BA5C34
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 49679DEE793F99D11A9429B25FE0F9D9
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Frame ID: F2A4C31FB392BF14032874A5FAD11CA0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ab4621f-b726-4200-8db6-5509135c74ab&gdpr=0&gdpr_consent=
Frame ID: 959F22958CF3CEE50B174352C056C4AF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2297747156708033810
Frame ID: A9A9DA34C6AF7F43E4E07682294FF7D4
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D0A812AA4E9B3BC5A33EB9023C629BEC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070571313856510091
Frame ID: F4D8CE576E8DE55F9C6C8FB0791375A2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 74ABB52D49548F9C757DAE8A893C626E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CsQwfrNJSdtMps5iBUuh3tlAlwU
Frame ID: 99EADCB219B8C6245EB9409E4B7EC8D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 6D5AF58F71C12F88C02A4E974ECF3FC0
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAF4C07EP24AAHksVH03uQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Frame ID: D96724E233A41F6DC15650552F85000D
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: F03DBC0DA6963CF4015AFCA7DAFC1315
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0DEC7A9F5E74325EB84BCFA91C1D3C52
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 614D7AD61F28EC0F61DBADD4926714FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003
Frame ID: AE5EFA44DFD6E3DE63B3737762198C78
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: DD8E15EA1534312A03634BE971BE385C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: B085325D6EA2BCE60006ACB705E6234A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfbFs7JbQZOLeA3jrf7CYaQz
Frame ID: 529CCAA15CBE0B81D4464585E2D334BC
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=11bdb3a8-7e36-4c0b-a3a7-5697f3c353e5-tuct9193ca9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D03A3D784738D9A10060943D8DB95634
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1E47EDB22BDF877131AA00C495003C7F
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Frame ID: 556C22F4C1BEF7F420EF613CF927729D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZzVOtG521NptHz5&gdpr=0&gdpr_consent=
Frame ID: C76CAF14FF2C9575851CE0B4B0662314
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8B1A550DAC42406EAD2920467F619187
Frame ID: B095B4EC9A19D4D942986F78A0611C48
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Frame ID: B83E14340523CB6FC2A35BD501DD50E9
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Frame ID: 3ECF34C6892A36357C6376F93565CF91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dicas De Mecânica Profissional 2022

Page URL History Show full URLs

  1. http://pt.vermin-club.org/ HTTP 301
    https://pt.vermin-club.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

304
Requests

79 %
HTTPS

31 %
IPv6

82
Domains

119
Subdomains

73
IPs

13
Countries

3913 kB
Transfer

6591 kB
Size

88
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pt.vermin-club.org/ HTTP 301
    https://pt.vermin-club.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9565.uSWtWGheDbg7OxBmIGQypIVLCinH4649imtFPQSAbemkcykVMjBbTzxS_LbyQMYv.F9ekd8b_Z4unevZ1utyI1C92o34%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9565.YNPBQptkZcDmmp8pBPtQUwjabTmtEVrpsmlmcEotRTmYact7M-iZlb0TzhlIddfbyCaCgbM7NtEQs2_ghn3_tw%2C%2C.NfmnID8CF_SUZt7AD8lJYVfeCC0%2C
Request Chain 74
  • https://mc.yandex.com/watch/49262191?wmode=7&page-url=https%3A%2F%2Fpt.vermin-club.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A410%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1003727046311%3Ahid%3A888162128%3Az%3A0%3Ai%3A20220302182746%3Aet%3A1646245666%3Ac%3A1%3Arn%3A495543453%3Arqn%3A1%3Au%3A1646245666552382739%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646245665556%3Ads%3A0%2C43%2C54%2C6%2C137%2C0%2C%2C21%2C0%2C547%2C547%2C0%2C289%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646245666%3At%3ADicas%20De%20Mec%C3%A2nica%20Profissional%202022&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/49262191/1?wmode=7&page-url=https%3A%2F%2Fpt.vermin-club.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A410%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1003727046311%3Ahid%3A888162128%3Az%3A0%3Ai%3A20220302182746%3Aet%3A1646245666%3Ac%3A1%3Arn%3A495543453%3Arqn%3A1%3Au%3A1646245666552382739%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646245665556%3Ads%3A0%2C43%2C54%2C6%2C137%2C0%2C%2C21%2C0%2C547%2C547%2C0%2C289%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646245666%3At%3ADicas%20De%20Mec%C3%A2nica%20Profissional%202022&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&C=1
Request Chain 117
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yh.3I7VlC8V.UrxmdB3VAgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&google_hm=2
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELOxR4vl99H5Wx_JrJUY1co&google_cver=1
Request Chain 119
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5NDkxNTQ5MTI1NzM2MDg2Ng%3D%3D
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7m3YvkWzGSKZaWs26KQPc&google_cver=1
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEMg9oaYN8yNWEWw0mLlyoVM&google_cver=1
Request Chain 166
  • https://fw.adsafeprotected.com/rfw/st/899486/59154207/4.js?ias_dspID=3&ias_campId=15846431&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=50015086&bidurl=https://pt.vermin-club.org/&ias_dealId=&adContainerId=brand_safety_JLcfYrfZB8eArASPgoEQ&cbFunctionName=goog_wrapCb_JLcfYrfZB8eArASPgoEQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpt.vermin-club.org%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cc9d3209-9091-e13a-130a-99f6370cbaeb,c:5JkqGk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-6frjg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:76393c73-9a56-11ec-a9d4-eeb827d3633a,v:19.8.289,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 175
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.vermin-club.org%2F&domain=pt.vermin-club.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=aB5mwXxWQ2lBZUEyUWVDM1BTUXdNRHhlMUFSOXhPeWoyTzBFcysrdXJnK3hSZlkvUzBSWFYreFNjWXgrenI0d1hLWXFSdWVyUkVFTlhiMTVOU0ZWK0s4eVRoK1NOV3NsY2tvV3R3OWNEQlZxcHpJMzl5TFNMZkJTMFdXNU82UWVvVEFhSXNKcEJUT2ZtUCs2UlRnc1pmUlJ3aTNuM3EyNDNsYWNMUkl1NEh2Q1QzNG9xQTA3Q0FRWk5ERXVKNXNYN0RJY29nWjF5L3RIY2hSRENpUW1FcmdKY1I2VHBubzZqV3YzM215Q3V5cE05dW1TUStNUk5kbHo5bWFzS25zNVhPdWVhfA&cppv=2
Request Chain 201
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP778bad00-9a56-11ec-9060-02fd1e388e70 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
Request Chain 202
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
Request Chain 203
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed00d121-bad0-48bf-a936-92542bee6089
Request Chain 204
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
Request Chain 205
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2a206806-c4c0-e7b5-268f-fdbc9816a8f2
Request Chain 206
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
Request Chain 208
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
Request Chain 211
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3ab9e0fe-a70e-496a-928a-856310c33327
Request Chain 212
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
Request Chain 213
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=46a2fbf6-bf8e-f7f9-e5dc-9baea9de7325
Request Chain 214
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
Request Chain 215
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
Request Chain 217
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
Request Chain 220
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP778bad00-9a56-11ec-9060-02fd1e388e70 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
Request Chain 234
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
Request Chain 236
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF4C07EP24AAHksVH03uQ&expiration=1647455270&gdpr=1
Request Chain 237
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 240
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 241
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
Request Chain 245
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f485b240-ca98-47de-a4db-a071a609c9df
Request Chain 247
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6995320701087191300&uid=Q6995320701087191300&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 248
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3373112829131155851
Request Chain 250
  • https://c1.adform.net/serving/cookie/match?party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ab4621f-b726-4200-8db6-5509135c74ab&gdpr=0&gdpr_consent=
Request Chain 252
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2297747156708033810
Request Chain 254
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070571313856510091
Request Chain 256
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CsQwfrNJSdtMps5iBUuh3tlAlwU
Request Chain 257
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rs04vm8fQAmj-tFMxWUhCQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8f2621f-b726-4200-aed2-b00d275d4d7e
Request Chain 260
  • https://pixel.onaudience.com/?partner=214&mapped=46CD38BE-6F1F-4009-A3FA-D14CC5652109 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=9f184b98-2279-4258-a3ce-33a29ca54634&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=0d7eb5aa2f623bb1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e2dda741-c268-4b31-6a3c-c229314f67a7&reqId=c451804b-f207-43ed-7acf-9ff4932c6324&zcluid=0d7eb5aa2f623bb1&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDGf0IkIhvgdAzbEbwQHz1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e2dda741-c268-4b31-6a3c-c229314f67a7&reqId=c451804b-f207-43ed-7acf-9ff4932c6324&zcluid=0d7eb5aa2f623bb1&zdid=1332
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDZDRDM4QkUtNkYxRi00MDA5LUEzRkEtRDE0Q0M1NjUyMTA5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJIKffqULTACEPOTQrBzz1c&google_cver=1
Request Chain 264
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7467543383707240491
Request Chain 265
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f184b98-2279-4258-a3ce-33a29ca54634
Request Chain 266
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8294915491257360866&gdpr=0&gdpr_consent=
Request Chain 267
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv
Request Chain 269
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t30xweFE2uV6BX3MpIGY8z7gUewmJEo-~A&gdpr=0&gdpr_consent=
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=46be2ef1-7717-44e9-aee0-30fbd8c02846&bidswitch_ssp_id=pubmatic HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=46be2ef1-7717-44e9-aee0-30fbd8c02846&bidswitch_ssp_id=pubmatic&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=usYvP4pDTNRZ.AikABlF_S-Nw7g&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=46be2ef1-7717-44e9-aee0-30fbd8c02846&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 271
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3373112829131155851&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c8530017-bbad-44a9-805e-f07fe6c8dd71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 279
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGNEMwN0VQMjRBQUhrc1ZIMDN1UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAF4C07EP24AAHksVH03uQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Request Chain 282
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 283
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1646245673476 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5504513764 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/9f184b98-2279-4258-a3ce-33a29ca54634 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003
Request Chain 286
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfbFs7JbQZOLeA3jrf7CYaQz
Request Chain 287
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=11bdb3a8-7e36-4c0b-a3a7-5697f3c353e5-tuct9193ca9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 289
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Request Chain 290
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZzVOtG521NptHz5&gdpr=0&gdpr_consent=
Request Chain 291
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8B1A550DAC42406EAD2920467F619187
Request Chain 292
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&addseg=19,36,42
Request Chain 293
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=46CD38BE-6F1F-4009-A3FA-D14CC5652109&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=46CD38BE-6F1F-4009-A3FA-D14CC5652109&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 296
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 297
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8294915491257360866
Request Chain 303
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=787035825 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Request Chain 304
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3446059053 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109

304 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pt.vermin-club.org/
Redirect Chain
  • http://pt.vermin-club.org/
  • https://pt.vermin-club.org/
33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
5edee81a3075d220de89cf3dd4990f261468de3264c6c96f579b21d012ff7c63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.0.15
cache-control
max-age=86400
expires
Thu, 03 Mar 2022 18:27:45 GMT
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDX0a0KrAc%2F5L%2F7UDmOnqD9CcwbiN4VHnAorXSX4qs3TS%2F50TrClD%2FhpFra%2FApzoxDOr8XNj%2F6zwUYvUCsbTnl8%2Be5WFQ7zQ3h%2FfSIzzE1h%2FE86xd%2B8VWvNja0GXh%2B0rl%2FoZEOAUDa%2FinGchgxp4GsI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e5c3032ff899010-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Wed, 02 Mar 2022 18:27:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 02 Mar 2022 19:27:45 GMT
Location
https://pt.vermin-club.org/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9xVmv7VAHHt3d45Afa0syzIFczhdzN7rQ9TkQgt7JpfXGFLiTZlM7pPMSw4nLrJVNTu3AanXNVeKqey8%2FX71y2LZtIZL8QE63WYadCOhKJ1ZtNN8GKnCEKOHwsaEGNjEohtOvBTss59gyfX0hnRya4%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6e5c303278409217-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
vermin-club.org/template/tech/css/ 		90 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vermin-club.org/template/tech/css/style.css
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367dd665f9afbfccfc1f77a26ca2684fa5e4023fd86735f8182580a1b492be8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
206230
cf-polished
origSize=94186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 16 Feb 2022 07:38:37 GMT
server
cloudflare
etag
W/"16fea-5d81dbcd753b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vjl30njDkbeZd8oZal5EDiH13SPt4ntis0BNw7BfRLBrNdLsN17YWLGZobl2AVMFLG4T0PTVfQ9gurDLxBbHmb8VePrQ0qbSVHOGOXcR9M3HfkpV2%2Fhdt2P%2FuDGseHagVkmUJmgkk5CQVe9ZLy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Mon, 14 Mar 2022 09:10:35 GMT
cache-control
max-age=31536000
cf-ray
6e5c3033888f9010-FRA
cf-bgj
minify
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2409338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
975
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZKjSUYIVx9RqXP5VamrLRtPsn%2BgHeHqoqoBFdVxYH1jlI9SlryGZKB80oNETYvrROpuDxRJArDIxHHbFGX7m8AnkZj5XlZE1j8BjNhrilQgRpebaqjipUVhZE7P9PxvSZswe5LG01KMRcUEuRsfTnw%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5c3033a992f92f-MXP
expires
Mon, 20 Feb 2023 18:27:45 GMT
how-to-replace-an-ac-evaporator-sensor-8.jpg
a.vermin-club.org/articles-2016/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-replace-an-ac-evaporator-sensor-8.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208c5e430e33bb295af95e678eea870042201f0cff4ce85654eab222336357c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
last-modified
Thu, 07 Oct 2021 17:31:59 GMT
server
cloudflare
etag
"ffac-5cdc6a3dc6ee3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBzMYdegAA0hxnmn4VOtX1XJBJsRoiBtoKabmgqT%2BKcXeZxdGNuN%2FZE%2Bev0Lpk6qo%2BYf70YMf2v2pVqlu9Ci4%2B43aJ%2Bgl1NT19LsAMQhbmfb5%2Bcd8WY4eKGfCzy5p0dKhId%2F%2BXhpT%2FxAoYRKMnvmCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c3033a8f69010-FRA
understanding-fiat-oil-change-indicator-system-and-service-indicator-lights-7.jpg
a.vermin-club.org/articles-2016/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/understanding-fiat-oil-change-indicator-system-and-service-indicator-lights-7.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
813dc300b281d78f7340d588f6f441e2a38283077f2c06c9c136d767b5ff2af6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81066
last-modified
Thu, 07 Oct 2021 17:04:01 GMT
server
cloudflare
etag
"13caa-5cdc63fd0bedf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkFEGK5%2BElzF34FJU3rcS4I0gkDiY9L6ZJ20tIjPKTL4iY5tkW6kIEgZXVrkYniEpl9wzNPkVuhtpTKA7C0iKQa0JgKwF5tQKz5%2BOjWS5MWf6ilo45tebaspjrGgwNzTBzB6w8OHONxNzq8ggNoLug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c3033a8df9010-FRA
rules-of-road-for-virginia-drivers.jpg
a.vermin-club.org/articles-2016/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/rules-of-road-for-virginia-drivers.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c9c7bd67507aff00d091810e9e9014b43e5f1e138d4c02558db85ab70d0b27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101563
last-modified
Thu, 07 Oct 2021 17:07:09 GMT
server
cloudflare
etag
"18cbb-5cdc64b06d1b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0dgo%2BS6Cyh4tr6GOm9tEkpYi7wNWPDzXQZbGRM2YANnYPicoLttrRMKQzu0el9PbNk8YovcWF1%2Fv079T5d2%2B%2B8qfpEyg%2BH4fTShHgbVNYmQxpyk5VvZzG42BxzjMHFBY8pH%2B5or5IRgYuyWyk7BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c3033a8f59010-FRA
best-used-cars-to-buy-if-you-re-pizza-delivery-guy-or-gal.jpg
a.vermin-club.org/articles-2015/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2015/best-used-cars-to-buy-if-you-re-pizza-delivery-guy-or-gal.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae654bb00dfb7658439a213abaed4c4360c39709687b4372a148338ebadd8839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70208
last-modified
Thu, 07 Oct 2021 16:59:56 GMT
server
cloudflare
etag
"11240-5cdc6313ad6fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXjo5ZmjtNTp0OjDC6cUMMbh5HjB6WchQTGEgEw6wPvU2G86MK1m%2Bj9C2CB9WRzcSINw%2BFb0C19KIkvkZG5ghsvTXeMv5xEExWGoLDS9T6MtNq7t7f7GLVOVYLUDqPP7fA54kNku%2F82oHz0JR%2FRKng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c3033a8cb9010-FRA
is-it-okay-to-drive-vehicle-with-windows-that-won-t-roll-up-or-down.jpg
a.vermin-club.org/articles-2015/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2015/is-it-okay-to-drive-vehicle-with-windows-that-won-t-roll-up-or-down.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b51609a8fc4e12782b6e4c093dc59cba3c1c9ae9bb3381ce407a565f9348613f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53393
last-modified
Thu, 07 Oct 2021 16:53:05 GMT
server
cloudflare
etag
"d091-5cdc618b9ec6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7OSzTL02U7092yMscZH%2FxLSRLE7BvWH7kEPnor0TF6XMIQ6v6%2FhHdva4YMantSOnhOjbWDnDtrC2fGHMnFIOR3MFxg%2FdGZYn47hbACEsHYzGpDqe50LO1G4ZYgujaKmxAk7QbtFyrTFXX%2BPTovOWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c3033a8d99010-FRA
how-to-buy-personalized-license-plate-in-utah.jpg
a.vermin-club.org/articles-2016/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-buy-personalized-license-plate-in-utah.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bad32e8551246b5cf0ec00d5d1c32fadedabcf7283a0b30c5aa6188b1868cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
97715
last-modified
Thu, 07 Oct 2021 17:50:14 GMT
server
cloudflare
etag
"17db3-5cdc6e51bf6ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaTnAKP%2F4S%2FEB87yhirCyqAYjchxXpV2PPvL6Yr5Jxr3kcHw1LX3NcM0u1B%2Ba%2FPmbAIkNzhIDVQRu76TY8NGZg9Sk3Cank1ZI46QumskUbmI63Sy9wKANI4OK8slp40p4i0Ow0ivzyB%2F1aCCanZJJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c3033a8f19010-FRA
how-to-renew-your-car-registration-in-idaho.jpg
a.vermin-club.org/articles-2016/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-renew-your-car-registration-in-idaho.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db147d3ba0dcc31af1ef87df2d1f8563e72236bbf8bd2f6ff6b338505f882507

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62500
last-modified
Thu, 07 Oct 2021 17:32:37 GMT
server
cloudflare
etag
"f424-5cdc6a616ba52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkLTOWCYkc7sJvTq8Oh9%2FJ0o%2BXe7trrNMFE3aL2bkW4qTWbsxfTvnUQiXXqzj0Ocr2tmtgxHOjsSTth7mYBxzpgeRCosc8ilVebtA5n6KhOo%2Bzrwz659%2FVx0CHTcgfWyuFgmPBK%2FOwEvljxB2EVJLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30340fda90a6-FRA
how-to-replace-windshield-4.jpg
a.vermin-club.org/articles-2016/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-replace-windshield-4.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2934b58d9531b9a4d3955cd7beed46e40e7f4485bb34d1171fd33dd83f18f805

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53598
last-modified
Thu, 07 Oct 2021 17:22:51 GMT
server
cloudflare
etag
"d15e-5cdc6832eba13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRNKNGEG7hS6ZJmGxireh2XagO74PjBF0LFVD5xVKQNwGYK3s%2FzckauUCKSBjaNmw7WzjLg6jNRcinWsVeCVulvuV%2BqZKhSjReZWictRn%2BzR5CBqad6ebCBdYlmQzebajS%2BBadBu7NfHKReLPoeaiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fdb90a6-FRA
how-to-rent-car-in-europe-6.jpg
a.vermin-club.org/articles-2016/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-rent-car-in-europe-6.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f482758b972d3c0ab780ef851221e57609b835ff075dece43fb00a6c984c23a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98619
last-modified
Thu, 07 Oct 2021 17:32:30 GMT
server
cloudflare
etag
"1813b-5cdc6a5ae9948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zksHkTktgGdg0WWEuBvorq1jAjF6UNP7PwoEPd%2FQEI12vQrLka%2BZHHcFi%2FTkXQXvkJB3KCdUrVUIsDTKB7pJXfzF8osbWFmHWtpEzECcnbt8%2F01Ubp%2BTxh9opgSicO0cOFM7b1vFZZWjr0adKBcnaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fdd90a6-FRA
symptoms-of-bad-or-failing-rear-window-defogger-switch.jpg
a.vermin-club.org/articles-2016/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/symptoms-of-bad-or-failing-rear-window-defogger-switch.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56844afb93461d6fe95b0119ea0f6c6d21bb146bf152e3185a8e8ab6481fc6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57880
last-modified
Thu, 07 Oct 2021 17:05:59 GMT
server
cloudflare
etag
"e218-5cdc646d809bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEbDyBccXwlDG5EU6AMmC1h6IKOctY0iIuha2ZOCi2f3t8Ud5fwtTdPvjWXyhz1fIWXhq7GD%2F8Icj1ZdXgPUlpYCu%2FV2McdtU03YQFbKFW9U%2FHWJQE6xqha1OU1T8wUC0bZw4chWMcQoXT%2BYKB5bQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fdf90a6-FRA
p0659-obd-ii-trouble-code-actuator-supply-voltage-circuit-high.jpg
a.vermin-club.org/articles-2016/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/p0659-obd-ii-trouble-code-actuator-supply-voltage-circuit-high.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dbba9a02085659c8c7261b8a5a39a75a42d460bdacdbfb948dc4e6991b2d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75898
last-modified
Thu, 07 Oct 2021 17:11:08 GMT
server
cloudflare
etag
"1287a-5cdc6594b8e14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8dLppobXGQvu%2FBPk8ZtNv%2Bm%2FE8R6POCI1nmNckXtR4WaBN2ftneMFQRyIfLRCskiSXJMMhys9dC7Ufwdf3qiUWO2Imoik6SypDSra86%2F5fJVD2WQwZmst%2F3TWFvhUPimiF30uaA%2BvKD%2FCtGxpk5rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fe090a6-FRA
b1270-obd-ii-trouble-code-servo-motor-potentiometer-defrost-circuit-short-to-battery.jpg
a.vermin-club.org/articles-2016/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/b1270-obd-ii-trouble-code-servo-motor-potentiometer-defrost-circuit-short-to-battery.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dbba9a02085659c8c7261b8a5a39a75a42d460bdacdbfb948dc4e6991b2d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75898
last-modified
Thu, 07 Oct 2021 17:58:16 GMT
server
cloudflare
etag
"1287a-5cdc701d92227"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iLpUavBp4yB%2BSvkmYaG7B2c2ymYu4OHaMcPZvELMVMNhl7j5liQqDYDUmbbStiTNDw9YSC3rzYLJgDj5pdm%2FAVAdS6oSqnbpoREWWQq1nr1z6DbRfpMhWXIBqdX8iqbV8wbSlSj41UhAlQaAoHtJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fe390a6-FRA
b1393-obd-ii-trouble-code-power-door-memory-lock-relay-circuit-open.jpg
a.vermin-club.org/articles-2016/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/b1393-obd-ii-trouble-code-power-door-memory-lock-relay-circuit-open.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dbba9a02085659c8c7261b8a5a39a75a42d460bdacdbfb948dc4e6991b2d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75898
last-modified
Thu, 07 Oct 2021 17:58:20 GMT
server
cloudflare
etag
"1287a-5cdc702159a9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfWqif15be8sz98UF4WgSgWxvR3H5CfeLn3hvpy6n0t89awBi9N1T3UUWbo7mrtMlJXCwtWVlKEixnzfBeKdHBnklb5g6qBXELnb0K0q9m9AnpJe2Z4TQrBe65mgob50hJOwayREzHAfkoseVPty2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fe690a6-FRA
helpful-tips-when-buying-your-next-used-car-5.jpg
a.vermin-club.org/articles-2016/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/helpful-tips-when-buying-your-next-used-car-5.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e372117e4b3648f815534f3911d6536a6fd881bbf073d469a9e78dea5e6bb66c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67054
last-modified
Thu, 07 Oct 2021 17:55:01 GMT
server
cloudflare
etag
"105ee-5cdc6f63c024f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAlTzYAz%2ByuBT09UN3J4tcX%2FLyx9sawSXAhV4rL3wt2sefsN9Fg%2FSf9m5rC29DA%2FvHC3jzESo9GGRpbPWMddAOsrWEERpgAy8xNlut%2B02ZIECUXJCS%2BSTYEq35iwCr2VO49lcp7GxkkAs%2FEkM%2BnvQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fe990a6-FRA
how-do-i-prepare-my-car-for-summer.jpg
a.vermin-club.org/articles-2016/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-do-i-prepare-my-car-for-summer.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819748aea478c2f8f70e789c68753ee7d1b3a52896eda533007f2a163f2e259f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109780
last-modified
Thu, 07 Oct 2021 17:54:59 GMT
server
cloudflare
etag
"1acd4-5cdc6f61e8adf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPq9rE8xE7uX0Gchuh9YsJKY2ar1VoKjh8QaUOwuQLgGhCEWH088caVbht1tUaPIJ%2Bzkog%2FmWkqL5fXfaIVqFzC5r%2BlVFW2NVLgNy0EHcKJtJnmw5sKzz3QUyhfoN42chVAa4QHzUbLRujIIapzhjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341fee90a6-FRA
how-to-find-inexpensive-used-cars-3.jpg
a.vermin-club.org/articles-2016/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-find-inexpensive-used-cars-3.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1521f83cdc8166cb593ec0f360fc007120d5904bd4c9990d625891fe049ea50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100581
last-modified
Thu, 07 Oct 2021 17:43:27 GMT
server
cloudflare
etag
"188e5-5cdc6ccd69d96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05hOPrazIaNYMPIUKYHhh1TtURoYixZ8BYmAhKWj6%2BdiMGkkpA9n6B%2FVhQ0hASeQ4vNFtQ9NUnaEI9mS4CdrwJiF6nPHiDOkVruSOysm56JvmfmbzVq9nyJ49eOX2t7wRC8XPn1c%2FDKjXvpGm65SIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ff090a6-FRA
what-steps-must-i-take-before-buying-used-car.jpg
a.vermin-club.org/articles-2016/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/what-steps-must-i-take-before-buying-used-car.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e16dbb8345e55400e35805c68815ae8697b1ce296c715a2546610d569651a107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73700
last-modified
Thu, 07 Oct 2021 17:01:55 GMT
server
cloudflare
etag
"11fe4-5cdc638499d05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IizjVURAcsyWPAslD4MjYsvtFxYyV3oBKPBuHEdA2sU8Csav2%2BouAxhfT5jbKXQJNwceRDt%2FOTIOokOozIuubNxO22gqF%2FVIPB4FNbiSUKnZq%2BdxHmaYBCH0EKEIBf57Sas3oRTfnUKQa0wN5M%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ff290a6-FRA
how-to-detail-car-3.jpg
a.vermin-club.org/articles-2016/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-detail-car-3.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e85a31cb7588db1e0d86283166153648ce68d996aa47523f0a75429aa385516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55803
last-modified
Thu, 07 Oct 2021 17:46:01 GMT
server
cloudflare
etag
"d9fb-5cdc6d60be978"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5oX19U9W300L7AqUyLxoJR3XoJ9GfqVygnrVxbPt0oEthRLZMKDwFVriUn3ZJL4ym1k2bY4DYLQihqS%2FSfFNWL9bH%2BcBW0GoHkM9gktccB2laSQrKOMkXrZm7imHN0fAvTQhgnOguiGE8ug2c4e8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ff490a6-FRA
buyer-s-guide-to-2012-scion-tc-2.jpg
a.vermin-club.org/articles-2015/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2015/buyer-s-guide-to-2012-scion-tc-2.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31131544d46468158266c1e49e72d94c76ba97dc191e3aab9bc321d13e223713

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57879
last-modified
Thu, 07 Oct 2021 16:57:13 GMT
server
cloudflare
etag
"e217-5cdc6277f55c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbBtM%2F4lMxyzjE1c0BRVFqqGnY6v2OjpejjXUK8uuEtkCbzSx2pEfIwkVPMP2DuVXUrggc0JjZ8S94tiDQaPUyUjvQgcjupnNzMQCXzgg1b%2FJQH2XZfZH1eCr3NSov9LZKQIF32l%2FSxC3x%2FScruBoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ff590a6-FRA
buyer-s-guide-to-2012-hyundai-genesis-2.jpg
a.vermin-club.org/articles-2015/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2015/buyer-s-guide-to-2012-hyundai-genesis-2.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9256343b432573ca02984acc2d9093268f49e9fe20f09da83eb9ed03ec19f0c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63993
last-modified
Thu, 07 Oct 2021 16:58:39 GMT
server
cloudflare
etag
"f9f9-5cdc62ca21a7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BPbjFvHnTsGM%2BQJ1KpbOSAqh2%2BnW5OUEXiAd701STeQ61OR06GIUXcu%2FqpmJXEeQkIlZlijEFGjkyG%2BWzTmHT7m7usz468ICg7orFP0uPfu5BWQZ9iFak9jY7QaTaTt%2BRQ86QFivSHqKD%2BKjkMO%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ff690a6-FRA
how-to-become-drag-racer-6.png
a.vermin-club.org/articles-2016/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-become-drag-racer-6.png
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a6ad157feede3b3ecaf7cb3ee10d95f143c3ee89d8f5cf8d4bb215864acb8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
355740
last-modified
Thu, 07 Oct 2021 17:51:50 GMT
server
cloudflare
etag
"56d9c-5cdc6ead477d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSya918PCutKVFuBpnlld%2BhMsLbXWFFPtjypV8VlkCmGTPNiCcRwy3TfLHBg%2FiQhBzqUPDXjKBZ8S6AhyjjuYbMb%2FAJYc%2BLEdKqqmy%2B6enKFTx2eLI3TFSStRE%2BHorVsDoVlId6ouWunigEzoAhuHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ff890a6-FRA
p2666-obd-ii-trouble-code-fuel-shutoff-valve-b-control-circuit-low.jpg
a.vermin-club.org/articles-2016/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/p2666-obd-ii-trouble-code-fuel-shutoff-valve-b-control-circuit-low.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dbba9a02085659c8c7261b8a5a39a75a42d460bdacdbfb948dc4e6991b2d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75898
last-modified
Thu, 07 Oct 2021 17:08:31 GMT
server
cloudflare
etag
"1287a-5cdc64feb1cda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPyVYMaTyEitpdkRKRSUiMnUXOftbPK%2F2sV%2Bf7UI%2Bsy8LtbOeZQf0wpxjzY5JO08Q26nvrVKERMql%2FJJFft4CiG7wMyofru5%2FFRo8gE7tXSX8DzDNYTt932cMGt8oRzkAbE5HPWLkCvGRTNRd00yVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ffa90a6-FRA
how-to-replace-an-ac-line-6.jpg
a.vermin-club.org/articles-2016/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/how-to-replace-an-ac-line-6.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9816cc14682b7b8fb965b5220593505dd1ff34dcfdb948a36008c48c325a0b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3125
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60074
last-modified
Thu, 07 Oct 2021 17:31:54 GMT
server
cloudflare
etag
"eaaa-5cdc6a3871d6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcbtgNonipqaSzkKsF%2F9d9YyuYuY771CJi3UorcsCvLR1ESflQUHnznKUcOP6eoSom4fnaVR6zmUhW1kIXt5I4KdVkrleFl%2B3tKOCDOc2Mvyq8l5cH6N7KmdtlY4ETenuYkU7GLEItIXLzWFU85lsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ffb90a6-FRA
p0604-obd-ii-trouble-code-internal-control-ram-error.jpg
a.vermin-club.org/articles-2016/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vermin-club.org/articles-2016/p0604-obd-ii-trouble-code-internal-control-ram-error.jpg
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dbba9a02085659c8c7261b8a5a39a75a42d460bdacdbfb948dc4e6991b2d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3125
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75898
last-modified
Thu, 07 Oct 2021 17:11:12 GMT
server
cloudflare
etag
"1287a-5cdc6597d9d2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BM4NpRY%2Fr4FavH%2BnH02FEO%2B9XNyi76pKJjKxFybH%2FLQsap68L74QdyWxrh1YmYfWwGhnKJ738Za3eCU5rIOQ7NgBkkWxU5XW4KkA%2BpBoXTXubEIo1uby2%2F%2B0%2F3eH94CF6WSuJY72HzprzW5n1ExKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e5c30341ffd90a6-FRA
rocket-loader.min.js
pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Feb 2022 17:09:01 GMT
server
cloudflare
etag
W/"621d01ad-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJb6m7Ie3eeQ8lNgO3xb8n3ezbrJdAbNkkNIRjwarBJFNH%2FdY%2B5E4zKYMgeowCsbuNGhTVDXUiBbbHnXV7enSELIjtWYKo3eKKMjrThdbwjIh%2BiE7A75Vd%2FkfdgW7XeI3FvtXaln0mQnHM32itJZTYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e5c303378769010-FRA
vary
Accept-Encoding
expires
Fri, 04 Mar 2022 18:27:45 GMT
vermin-club.org.1207559.js
jsc.mgid.com/v/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/e/vermin-club.org.1207559.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6651fffda98208e6855973b91f755b8e410bbfce9c1e8019ce554527e533b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
content-encoding
br
cf-cache-status
HIT
age
3033
last-modified
Fri, 04 Feb 2022 07:42:26 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7K2N89H9WM5Z2C9T
x-amz-id-2
UEtw1Ja4GLJEBy2fOTSQjlgQbTFnDrbfaI9x0AkG+ByqgQmJX8zgu1yundjnEW+3H5DbZsVnIlM=
cf-bgj
minify
server
cloudflare
etag
W/"6854efcfea86afc2b039b6dcb402adbc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e5c3033bec85c08-FRA
expires
Wed, 02 Mar 2022 21:27:45 GMT
smrcp_19121001.js
cdn.zx-adnet.com/adx/ 		145 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a368ba7810253a11eb30199fb05fe6c11a7ac87dbbcc5a546541807ac43f03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sun, 30 Jan 2022 07:45:32 GMT
x-timer
S1646245666.870129,VS0,VE0
etag
"0994f0b1ac5bc5d2669a183540dd0d6c6230ef8631759595efd9b52653e375eb-br"
x-served-by
cache-hhn4054-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Wed, 02 Mar 2022 18:27:45 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19693
x-cache-hits
3
plugin.min.js
get.optad360.io/sf/6702b62c-311b-4e46-a8a9-c8d83b82a322/ 		408 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/6702b62c-311b-4e46-a8a9-c8d83b82a322/plugin.min.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ae00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d91b409fe56a5f77312fc52547d996b300c58cfdc216a1963e057e21394dd9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:31 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 15:41:21 GMT
server
AmazonS3
age
15
etag
W/"d106c4df06003c5600937ca880b61711"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2M5Yy998c5enHVC-QdrV1t5n2bJxBh-vacobGqzLR6TxuMgW-3a0Mg==
043aee8f-20fa-47ca-ae8b-9f162bc00eb1.min.js
cmp.optad360.io/items/ 		497 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/043aee8f-20fa-47ca-ae8b-9f162bc00eb1.min.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6c00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 01:57:12 GMT
via
1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
59486
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
497
x-amz-cf-id
uGiAxqrXksSqeUNSzWug9IdSe9KydRBpsxVX7YGyjbWrxx4rJ8MYZQ==
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
459147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5978
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INio6QiwmQTluAeBaSHE5hlNb8mSDgJLJ5meLVBMM5XkKuAQnWcE%2FczMBB4UK0pjsWlwj0NG3gAEgjcutZlWpAWOxND9nL8RUKFw2O%2Fj3x64ewpDpJimvDe0HgVvcWmqrmEru58CCe4bUxxfgahSKCBl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5c3033a995f92f-MXP
expires
Mon, 20 Feb 2023 18:27:45 GMT
truncated
/ 		41 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
tag.js
mc.yandex.ru/metrika/ 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-10fdc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69596
expires
Wed, 02 Mar 2022 19:27:46 GMT
mr.js
storage.googleapis.com/s2t-images/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/s2t-images/mr.js?0.8858283095236068
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvqn0WTA-4bmGBusdVHwn6hJZVXWQaWW_0UXN-P1dffBNGpwZ-hhg4x_hENhJSkFb_wfd2yI2yin2tATCCQhUh6ph31MA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
last-modified
Sat, 26 Feb 2022 21:42:55 GMT
server
UploadServer
etag
"115f5664d494ea5e45aad8061e45949d"
vary
Accept-Encoding
x-goog-hash
crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-generation
1645911775794865
cache-control
public, max-age=31536000
x-goog-stored-content-length
4449
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 02 Mar 2023 18:27:46 GMT
abs.js
cdn.zx-adnet.com/adx/ 		220 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/abs.js?0.7916620263069738
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sun, 30 Jan 2022 07:45:32 GMT
x-timer
S1646245666.138730,VS0,VE37
etag
"5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
x-served-by
cache-hhn4054-HHN
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Wed, 02 Mar 2022 18:27:46 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
107
x-cache-hits
0
vermin-club.org.1207559.es6.js
jsc.mgid.com/v/e/ 		242 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3681a5d910d1a1dd3cad2dabccb1942c34eb31ae8327dc92e45e28528c569066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
age
2157
last-modified
Tue, 22 Feb 2022 12:15:39 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZY6RKC01SNBBA3Z9
x-amz-id-2
2E4bE+6HhIqOQ2gi99TxWC/UIe9kSzeY8vWhWt/M5CpYBHHy3dorcuFlyMQfFc7MfsLKRjnSuMs=
cf-bgj
minify
server
cloudflare
etag
W/"7ec1f35fd9468ecc7ddc24d824e17256"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6e5c30357e9b6916-FRA
expires
Wed, 02 Mar 2022 21:27:46 GMT
checkabuse
cdn.zx-adnet.com/ 		73 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fpt.vermin-club.org%2F
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.7916620263069738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
64fdd9773295183d22f04c1d44a02df8e39493c1d7f4352219d08c9aa27de417

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
gzip
x-cache
MISS
content-length
84
x-served-by
cache-hhn4054-HHN
server
Google Frontend
x-timer
S1646245666.183323,VS0,VE144
etag
W/"49-chMaIPpCUs+/KLXMisWPL4LZ0k0"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
8e963904bbc2e6cb58f84e4012e801e9
cache-control
max-age=3600,public
function-execution-id
481kgb9mskzv
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
x-country-code
DE
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/6702b62c-311b-4e46-a8a9-c8d83b82a322/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4286da091b204ca52bb76d97556d3cd69edb29f6c507e4b094708fd35e65f628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27893
x-xss-protection
0
server
sffe
etag
"1147 / 706 of 1000 / last-modified: 1646243394"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Mar 2022 18:27:46 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/6702b62c-311b-4e46-a8a9-c8d83b82a322/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ae00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:54:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
10028015
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
FEBB4gdbqvkFt4sv0Udz7yuF0UUI3W-nVpOMnK2KFaDEAgyyZ2yQjg==
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pt.vermin-club.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://pt.vermin-club.org
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://pt.vermin-club.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://pt.vermin-club.org
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220302
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed8af1320fddb7e185ca372f0c96333140ed15e5ec9617c861d832d4757649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12391
x-jsd-version
1.0.1269
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19148-FRA, cache-mxp6968-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69b-ezr71ImBkO4rjYGkZiFIyMo0vN8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e5c3036aa6b5a19-MXP
localstore.js
script.4dex.io/ 		483 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25715
x-amz-request-id
txb8363e5f39e24d129c819-00621f52a9
x-amz-id-2
txb8363e5f39e24d129c819-00621f52a9
last-modified
Wed, 02 Mar 2022 11:18:22 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpSLLxngRIUr07e0CasAxCr%2BCNXW0eNxEZK%2BP%2B2qfylRZIn7GCBNFl2%2BEaOOm5F3%2BP4Xqw%2FVTX49WMKWUFZzNGwCLl9lnIK5V8AqtZ1U1xaNdeRL6yd%2B2zeLTkqpWPKsfLRWbZFwOh8UJQSZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1646219902508439
cf-ray
6e5c3036aa613754-MXP
apacdex
useast.quantumdex.io/auction/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://pt.vermin-club.org
access-control-allow-credentials
true
cf-ray
6e5c3036bb573755-MXP
prebid
ib.adnxs.com/ut/v3/ 		138 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f2b0f934c75611fe25d683678c7f60d8424e31bd95eb8638a84e4ff08b712eac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:46 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8c4ccb4b-cedf-4081-881f-18a7c12a8277
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pt.vermin-club.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		50 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:46 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e2130296-4e1f-45b1-a861-6cb4687f5c2d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pt.vermin-club.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.14.0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
959aee25eab75a97e08dca93b6e55666cfecda326ba941a7e947202bc348484f

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Mar 2022 18:27:46 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pt.vermin-club.org
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v2
i.connectad.io/api/ 		0
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6e5c3036cc2283a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
date
Wed, 02 Mar 2022 18:27:46 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
c
prebid.a-mo.net/a/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
date
Wed, 02 Mar 2022 18:27:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
/
ssp.wp.pl/bidder/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
date
Wed, 02 Mar 2022 18:27:46 GMT
access-control-allow-credentials
true
server
nginx
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary
Origin
accept-ch-lifetime
604800
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
date
Wed, 02 Mar 2022 18:27:46 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
apacdex
useast.quantumdex.io/auction/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://pt.vermin-club.org
access-control-allow-credentials
true
cf-ray
6e5c3036bb5b3755-MXP
bid
ap.lijit.com/rtb/ 		24 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.14.0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
d457191b7d4df9881e56049184e4ace3f8f4dcc6ead7d4d2257c5cb0dab8f66d

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Mar 2022 18:27:46 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pt.vermin-club.org
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
272dfdf608f1f8967b383b78154327471ebe20234a219939f54ca390d40e145e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:46 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3474f8f1-c658-4507-a6c8-30687fd725a3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pt.vermin-club.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
c
prebid.a-mo.net/a/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
date
Wed, 02 Mar 2022 18:27:46 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
v2
i.connectad.io/api/ 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6e5c3036cc2683a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		50 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:46 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bbfba6a8-0de2-46ea-b11b-bf25a4572976
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pt.vermin-club.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.vermin-club.org
date
Wed, 02 Mar 2022 18:27:46 GMT
access-control-allow-credentials
true
server
nginx
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary
Origin
accept-ch-lifetime
604800
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pt.vermin-club.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9565.uSWtWGheDbg7OxBmIGQypIVLCinH4649imtFPQSAbemkcykVMjBbTzxS_LbyQMYv.F9ekd8b_Z4unevZ1utyI1C92o34%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9565.YNPBQptkZcDmmp8pBPtQUwjabTmtEVrpsmlmcEotRTmYact7M-iZlb0TzhlIddfbyCaCgbM7NtEQs2_ghn3_tw%2C%2C.NfmnID8CF_SUZt7AD8lJYVfeCC0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9565.YNPBQptkZcDmmp8pBPtQUwjabTmtEVrpsmlmcEotRTmYact7M-iZlb0TzhlIddfbyCaCgbM7NtEQs2_ghn3_tw%2C%2C.NfmnID8CF_SUZt7AD8lJYVfeCC0%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9565.YNPBQptkZcDmmp8pBPtQUwjabTmtEVrpsmlmcEotRTmYact7M-iZlb0TzhlIddfbyCaCgbM7NtEQs2_ghn3_tw%2C%2C.NfmnID8CF_SUZt7AD8lJYVfeCC0%2C
date
Wed, 02 Mar 2022 18:27:46 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
last-modified
Fri, 18 Feb 2022 11:36:57 GMT
etag
"620f5aa9-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 02 Mar 2022 19:27:46 GMT
gw_251221.js
site2text-2021.web.app/ 		0
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://site2text-2021.web.app/gw_251221.js?0.5472711580144378
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.8858283095236068
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
server
Google Frontend
x-timer
S1646245666.407796,VS0,VE257
x-served-by
cache-mxp6977-MXP
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/html
x-cloud-trace-context
dc1402bc074bef1f0fb94f9f1fd9fb85
cache-control
private
function-execution-id
x4nb4yi1qxd2
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
content-length
0
x-country-code
DE
x-cache-hits
0
pubads_impl_2022022401.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 17:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124299
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 09:41:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Mar 2023 17:54:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		78 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pt.vermin-club.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
dad2d9315a8b46cd1f451c974d866158f97bd50d6104c2465b0bc397ef1981c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
expires
Wed, 02 Mar 2022 18:27:46 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c49768a0cb2abe8f27e94deb8300459def300188a36aa55ae20afae9f271a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx3b2aff0232b6448dbcc1d-00621f52bb
cf-ray
6e5c30372f770e02-MXP
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-id-2
tx3b2aff0232b6448dbcc1d-00621f52bb
last-modified
Wed, 02 Mar 2022 11:18:21 GMT
server
cloudflare
etag
W/"5d5b862594e1ad91509d42ef71b1516c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beoJYgEn0NpvF0zL9uuLWKSHWZdDWn9zmBqIvWc90xuo6YhI%2BS7SmCg1Tpq0TYvfkgKJh43Re7MTaQC0fOQKVSYi3DhzOo5gAg8pcfkU9EhhLuIu132rMq50jOYLVvmtSwF3vKLAYxiAcZk2"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1646219901603645
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
Authorization
1
mc.yandex.com/watch/49262191/
Redirect Chain
  • https://mc.yandex.com/watch/49262191?wmode=7&page-url=https%3A%2F%2Fpt.vermin-club.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A410%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/49262191/1?wmode=7&page-url=https%3A%2F%2Fpt.vermin-club.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A410%3Afu%3A0%3Aen%3Autf-8...
357 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/49262191/1?wmode=7&page-url=https%3A%2F%2Fpt.vermin-club.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A410%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1003727046311%3Ahid%3A888162128%3Az%3A0%3Ai%3A20220302182746%3Aet%3A1646245666%3Ac%3A1%3Arn%3A495543453%3Arqn%3A1%3Au%3A1646245666552382739%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646245665556%3Ads%3A0%2C43%2C54%2C6%2C137%2C0%2C%2C21%2C0%2C547%2C547%2C0%2C289%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646245666%3At%3ADicas%20De%20Mec%C3%A2nica%20Profissional%202022&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
57b370786b2c9b823d1f51eaa0baa17d718627561f7bea97bcd01b39547ac1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 02-Mar-2022 18:27:46 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pt.vermin-club.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Wed, 02-Mar-2022 18:27:46 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
last-modified
Wed, 02-Mar-2022 18:27:46 GMT
location
/watch/49262191/1?wmode=7&page-url=https%3A%2F%2Fpt.vermin-club.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A410%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1003727046311%3Ahid%3A888162128%3Az%3A0%3Ai%3A20220302182746%3Aet%3A1646245666%3Ac%3A1%3Arn%3A495543453%3Arqn%3A1%3Au%3A1646245666552382739%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646245665556%3Ads%3A0%2C43%2C54%2C6%2C137%2C0%2C%2C21%2C0%2C547%2C547%2C0%2C289%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646245666%3At%3ADicas%20De%20Mec%C3%A2nica%20Profissional%202022&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://pt.vermin-club.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 02-Mar-2022 18:27:46 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1646245666722218724003&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpt.vermin-club.org%2F&lu=https%3A%2F%2Fpt.vermin-club.org%2F&sessionId=621fb723-131e0&pageView=1&pvid=17f4be35fa2829adb99&site=718136&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e5c303918cc5c08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
age
2697
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e5c303939075c08-FRA
expires
Thu, 03 Mar 2022 18:27:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
age
1492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TAP7D9AX42CTQWCM
x-amz-id-2
yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e5c303939035c08-FRA
expires
Thu, 03 Mar 2022 18:27:46 GMT
1
servicer.mgid.com/1207559/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1207559/1?pv=5&cbuster=1646245666796890029208&niet=4g&nisd=false&jsv=es6&w=1200&h=212&maxw_3=228&maxh_3=182&cols=5&ref=&cxurl=https%3A%2F%2Fpt.vermin-club.org%2F&lu=https%3A%2F%2Fpt.vermin-club.org%2F&sessionId=621fb723-131e0&pageView=1&pvid=17f4be35fa2829adb99&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a588f65cb699444392b9183c6ea5304f61f3a9c8c91dfc83b7abbd7d79de85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e5c303989cc5c08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
age
2697
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e5c3039e8d26916-FRA
expires
Thu, 03 Mar 2022 18:27:46 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:46 GMT
content-encoding
br
cf-cache-status
HIT
age
1492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TAP7D9AX42CTQWCM
x-amz-id-2
yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6e5c3039e8d96916-FRA
expires
Thu, 03 Mar 2022 18:27:46 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMWU4OTYyMjJjMmMzNmY0Z...
s-img.mgid.com/g/11739868/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739868/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMWU4OTYyMjJjMmMzNmY0ZWRhMGM2MTNiZjk1Nzg4NzEuanBn.webp?v=1646245666-BR0tscCVcZrzWr_3VmTuDPSk1G-PwXF963vkH8k5hxk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2683f94ce8822ebc0d92d7c16c84ac4cddfb20b7c483cb4800e34fa16b47190

Request headers

Referer
https://pt.vermin-club.org/
Origin
https://pt.vermin-club.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:43 GMT
x-mg-request-uuid
bea8074b-46ef-42a6-bf89-d7d20432c8c5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e5c303a1fcf5b26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21192
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwO...
s-img.mgid.com/g/11739845/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739845/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwOWZhYTcwZGQzODQxZTliMTQucG5n.webp?v=1646245666-HCyf7eLhZIoAsDseLJsW-iAOBx1VQY0EhIDBDqBHG-M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4

Request headers

Referer
https://pt.vermin-club.org/
Origin
https://pt.vermin-club.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:34 GMT
x-mg-request-uuid
2472963d-c816-4527-8893-26f1e4cb1e98
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e5c303a1fd35b26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19212
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2YyYmEwNmU2YWZkYjFmY...
s-img.mgid.com/g/11739860/492x277/-/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739860/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2YyYmEwNmU2YWZkYjFmYzcxNjY5OGNlMzZmYjU4YmIuanBlZw.webp?v=1646245666-00qRpbynt3_48AN3bQozDFiH3ewoEKZDbFd_LbPQucw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1921065dc2b974eeba17a2617c121528af4dcab92c688db4d249f4aeca802a

Request headers

Referer
https://pt.vermin-club.org/
Origin
https://pt.vermin-club.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
1b82f1b6-7eb3-43c8-8f3b-e8615c6126cf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e5c303a1fd75b26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16040
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzM0N2M1YTg5YTljZTNmY...
s-img.mgid.com/g/11739850/492x277/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739850/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzM0N2M1YTg5YTljZTNmYWU0YTA1YzZiNThiMGI0NzkuanBlZw.webp?v=1646245666-ZZaGBvjQZ3rMxJKv3OjQsiBY11vkGfxYNJab22iVLoA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1e30f1bc06b771318233a41c45114a00485c8ae2f744ff2cad69863d04281b

Request headers

Referer
https://pt.vermin-club.org/
Origin
https://pt.vermin-club.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:53:12 GMT
x-mg-request-uuid
e559acc7-e3ff-4c2e-8f1c-08d3afc0acfb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e5c303a1fd95b26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12876
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTY0LHlfNDI5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC85MjZiN...
s-img.mgid.com/g/11739865/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739865/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTY0LHlfNDI5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC85MjZiNjgyZGMwYWIxZDIxM2VlNzhiMDU2MzdkYjQwYy5qcGc.webp?v=1646245666-OPyTqMXwxEyKqGBJV0WgWXhrroMiybv6Zdb7l355zo0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0d315a355c315908f0a256fc58318021dfb8be992960d9d5317d2531d44e4a

Request headers

Referer
https://pt.vermin-club.org/
Origin
https://pt.vermin-club.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
e55ec00d-9bee-4aa9-b1df-356c002ea35b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6e5c303a1fdb5b26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21154
server
cloudflare
i.js
cm.mgid.com/ 		0
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1646245666905140566325
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e5c303a3b1b5c08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame ED3E 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1646245666928220452425
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/e/vermin-club.org.1207559.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6e5c303a5b445c08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pt.vermin-club.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pt.vermin-club.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=849674774045444&correlator=2361880783180081&output=ldjh&impl=fif&eid=31064957%2C21068766%2C31065401&vrg=2022022401&ptt=17&sc=1&sfv=1-0-38&ecs=20220302&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_1st_group_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&dt=1646245667310&lmt=1646245667&dlt=1646245665795&idt=617&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&ucis=1&adks=4207632455&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fpt.vermin-club.org%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=197418647.1646245667&ga_sid=1646245667&ga_hid=1914313040&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c994d197ae60fc8b6d0650e1020c7186d0104cb2e7968ced5fb5b046eba41abe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32846
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022022401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1715553a4bc415043f4f7ed6a97f30053378c84c67f503a60ed2ef60d7640b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10658
x-xss-protection
0
container.html
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1CDA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 02 Mar 2022 18:27:47 GMT
expires
Thu, 02 Mar 2023 18:27:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=849674774045444&correlator=2361880783180081&output=ldjh&impl=fif&eid=31064957%2C21068766%2C31065401&vrg=2022022401&ptt=17&sc=1&sfv=1-0-38&ecs=20220302&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&dt=1646245667331&lmt=1646245667&dlt=1646245665795&idt=617&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&ucis=2&adks=425309194&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fpt.vermin-club.org%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=197418647.1646245667&ga_sid=1646245667&ga_hid=1914313040&ga_fc=false&fws=640&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
33b83e122012e483cdc56c5be150a7d45fa0cc3224222125afc7757938a1d754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7971
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Mar 2022 18:27:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4D9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Mar 2022 18:07:28 GMT
expires
Thu, 02 Mar 2023 18:07:28 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 962C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8367e5ca21af3ca77e1b60baf5f8c446b4498fb143d1bd2238a73de185a91821
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yubykh1E+Eaqd8t/VMOcPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Mar 2022 18:27:47 GMT
date
Wed, 02 Mar 2022 18:27:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yubykh1E+Eaqd8t/VMOcPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js
pagead2.googlesyndication.com/bg/ Frame B4D9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
985f2302220a754d88db894391711dbc1e9ff6727ee5ccacf94a5afbc65189e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:44:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
9782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 15:44:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 962C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022022401&jk=849674774045444&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B4D9 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-tDxmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 832F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Mar 2022 18:27:47 GMT
expires
Thu, 02 Mar 2023 18:27:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5885 		624 B
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COykVhCv2FYYpMiiwwEwAQ&v=APEucNUk26LoHZRvl5As0eYU6b-W2jHKSTTKYqs3czP7EfFPUlDd5-u9fcLpcSslIQlaKLFbX0yjqRlwQYGDTQYpKw6uSCBv6l6lOzbKd-Qg3zFLvcgNtonEqTJKxmwY4F7uBsYjuCrsYxwSXdHISp7po4r9ngYJybeKDuMq1y8FF4oy5NiS35vu9MHj83yV0e10yi-q9JJZ9VYGl9VaNEzhZ-dYnafZ7A
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Mar 2022 18:27:47 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Mar 2022 18:27:47 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 832F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite_fy2019.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7890
x-xss-protection
0
server
cafe
etag
9159073006381693422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:27:00 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/ Frame 832F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:01:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 832F 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssERBmaBC1x65UMq2dwO7WHE3tEyf9cjoGE0cIenANSOCzWGeLdOajt4QaylFc3hIg--72OHXCjQOxHdOly4rxxBdqoEnIY-xx9_bQBSz72i4qYXsTEHb2_lhKmv0BzSbt2gB3xpNtpn1wPELGExGg9z_BsdkgoKbmUH3HoVu1_eVBgx3yqncc_bY9nrhrQIz-nPHnUMljdj7Cs7VcQk52nDocWgcqdWhW-99PslMsOKFSTHXOC308K5kFKxVOlBabQDHt0d2CRn4Dw3otiicR6VuLf_7vAFkx44jYoaM6Uy4qXYXyH4CqUjS9fBLEgD17mPjjoruRZg4xI3d03poSvpI8G89LCuuM0NDKpRJ6n348RP71nVt6QVJSN59hKIH4FMpqAafvGrJXGhyf3HtLrn7fmBGXXV3H2kzGdOu7NAdoRHBsbRWr4Ur2y6VtB4ji0iw-dA-SYjSz5Aguuv7aVtfg5hIxJCkjeN33_LBCN5XVBTBdbEYBK-V3uVtJaOH9WXybyDaSS-qFwGptvBldl9jr3oNVtBFO5F0nARRlemdHClXOTdLC2TG1Oz7TP_HtL5I-06AQr97TImJpec3XxzikMTzUdsd8d9vC-by1R2DcLzYFpUttxJhOYgV3s8DNl64piBbWbvmQh7ezWp6pApwjninRnmGQWfaQnafSom60zc8xxFKmRXWb1ZD-Ff7L_23mrjarOthbqjD7TpIWUpiMk38LGRquif6fHy-QpFmc9xbMy6MXAM-si_hifM9V7ml3wKrYnHACHRKK6b3ZFqelkCop55xm2kExk_SU3LErK9UxUYQm9KSesWTjZpPACkEoTLFtQfPoElFch9PRSGT8Otwm87dOl9r4PWBWuIVOPSzWRmH97WSxhJ71c_WDIVJxkA5YSuvxFUGv9Xn_nDqioXyvggE-UVBrvqsFnOrFn4XLpyYaVPDHbINoYAIOC9nvO1zMh1GV1NzK9RM3IXWpfk4qrJhbNyzF8YbA0FLgUfmGY0haqG1JT6k_MboODGR-fy1RmoO4eoC8haxcx8KJZOkQAIfm1o06u6yVSMh5kYil48qFLI3LWMx2lIQopt6rM8JbWe-yQYhVKiE2fbXycf_-1lsuOfvtfWp3l5l9PazeL3dJJHjnnnQ7OdleeWhh9-T6yLJna5S5EiTN6zX1q7zdUndXCjVxwMEdPYV1ZJsjES-J8dtNBlSES_XOzatYbfLazPoiXY1dlNyucbcpAEu3vTBsn4ieuz2ilD5ko6k8OO-Cm5bWwD4pf1bSLZPeUvu868h8QplQUql9vgK3hoEnCsQ&sai=AMfl-YSOnCTBQlTL5kErdWKf_GpzUHk9Lcw2zdOdzF8Xf7NavRHAFBcVpN4MoaoWd1lgSFoiQa5vaCOoeGMeiBwvEk--BEzCY2_xYz7NJqAmblmiSzLxrVnOD-7qg636SFFkiyLRpUbf_KbouiTQJOc64ugSExfKJvI9vQPUwPNof0ebDU5bTFGbQCnHzUSqRXfV0wqTe_R7c69O3aGEPlNr0rzStlOtJ7mWgqsrkLEy9UmAfKbndiFexRBfwTc2fX_8OALNj0QOgf3fHvQY5A3cZoykny5EYlKwqPmSbTgltwGzg_T0DzeLFiIYxiCgh-xHKBDd3ar8K3Wi1OL2m6Dge6m4L8foo43Hopnb3nmdDHdjfFbkgOxDR4wRBTvrNGC6Kp9vdacjzurPIqQ&sig=Cg0ArKJSzB987Q1jinV0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220228.04075&adurl=
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 02 Mar 2022 18:27:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 832F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 13:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 13:52:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 832F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxfteiXohos0dTU-7KWstDkj6NdGiIHhStl5hKtRBG6vksPu-9Opo2mxzDgOh9TfVNf-PmcW1g4_r6lidF7b6w-h4eQ62xQZ-FA5PURq9KmymFlSM
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 832F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:27:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 832F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6433
x-xss-protection
0
server
cafe
etag
3306657128042699500
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:26:04 GMT
l
www.google.com/ads/measurement/ Frame 832F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpwfIzi5XZ0T6YxH7-sdM8dqUnwgujhIhjQrnRE67_A3ECjzkoq_9PP7HGcqtQ7AmZ3jvoTz7Kf-_yufvycQ9Ndaalvg
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 832F 		124 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38862
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646052075697155"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Mar 2022 18:27:47 GMT
8354322451520997988
s0.2mdn.net/simgad/ Frame 832F 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8354322451520997988
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4bca94e170f6205d89140132c4e2c685cec1a035cf00bdfe8454fc9fea90b3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 09:42:47 GMT
x-content-type-options
nosniff
age
463500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61493
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 17:17:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Feb 2023 09:42:47 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9FDB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Mar 2022 13:54:22 GMT
expires
Wed, 01 Mar 2023 13:54:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
102805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 832F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b6693d257f27bf81d22a76d3e2f1ac3c15a1046961a54ea216516a257ff110f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js
pagead2.googlesyndication.com/bg/ Frame 9FDB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
985f2302220a754d88db894391711dbc1e9ff6727ee5ccacf94a5afbc65189e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:44:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
9782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 15:44:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 832F 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssERBmaBC1x65UMq2dwO7WHE3tEyf9cjoGE0cIenANSOCzWGeLdOajt4QaylFc3hIg--72OHXCjQOxHdOly4rxxBdqoEnIY-xx9_bQBSz72i4qYXsTEHb2_lhKmv0BzSbt2gB3xpNtpn1wPELGExGg9z_BsdkgoKbmUH3HoVu1_eVBgx3yqncc_bY9nrhrQIz-nPHnUMljdj7Cs7VcQk52nDocWgcqdWhW-99PslMsOKFSTHXOC308K5kFKxVOlBabQDHt0d2CRn4Dw3otiicR6VuLf_7vAFkx44jYoaM6Uy4qXYXyH4CqUjS9fBLEgD17mPjjoruRZg4xI3d03poSvpI8G89LCuuM0NDKpRJ6n348RP71nVt6QVJSN59hKIH4FMpqAafvGrJXGhyf3HtLrn7fmBGXXV3H2kzGdOu7NAdoRHBsbRWr4Ur2y6VtB4ji0iw-dA-SYjSz5Aguuv7aVtfg5hIxJCkjeN33_LBCN5XVBTBdbEYBK-V3uVtJaOH9WXybyDaSS-qFwGptvBldl9jr3oNVtBFO5F0nARRlemdHClXOTdLC2TG1Oz7TP_HtL5I-06AQr97TImJpec3XxzikMTzUdsd8d9vC-by1R2DcLzYFpUttxJhOYgV3s8DNl64piBbWbvmQh7ezWp6pApwjninRnmGQWfaQnafSom60zc8xxFKmRXWb1ZD-Ff7L_23mrjarOthbqjD7TpIWUpiMk38LGRquif6fHy-QpFmc9xbMy6MXAM-si_hifM9V7ml3wKrYnHACHRKK6b3ZFqelkCop55xm2kExk_SU3LErK9UxUYQm9KSesWTjZpPACkEoTLFtQfPoElFch9PRSGT8Otwm87dOl9r4PWBWuIVOPSzWRmH97WSxhJ71c_WDIVJxkA5YSuvxFUGv9Xn_nDqioXyvggE-UVBrvqsFnOrFn4XLpyYaVPDHbINoYAIOC9nvO1zMh1GV1NzK9RM3IXWpfk4qrJhbNyzF8YbA0FLgUfmGY0haqG1JT6k_MboODGR-fy1RmoO4eoC8haxcx8KJZOkQAIfm1o06u6yVSMh5kYil48qFLI3LWMx2lIQopt6rM8JbWe-yQYhVKiE2fbXycf_-1lsuOfvtfWp3l5l9PazeL3dJJHjnnnQ7OdleeWhh9-T6yLJna5S5EiTN6zX1q7zdUndXCjVxwMEdPYV1ZJsjES-J8dtNBlSES_XOzatYbfLazPoiXY1dlNyucbcpAEu3vTBsn4ieuz2ilD5ko6k8OO-Cm5bWwD4pf1bSLZPeUvu868h8QplQUql9vgK3hoEnCsQ&sai=AMfl-YSOnCTBQlTL5kErdWKf_GpzUHk9Lcw2zdOdzF8Xf7NavRHAFBcVpN4MoaoWd1lgSFoiQa5vaCOoeGMeiBwvEk--BEzCY2_xYz7NJqAmblmiSzLxrVnOD-7qg636SFFkiyLRpUbf_KbouiTQJOc64ugSExfKJvI9vQPUwPNof0ebDU5bTFGbQCnHzUSqRXfV0wqTe_R7c69O3aGEPlNr0rzStlOtJ7mWgqsrkLEy9UmAfKbndiFexRBfwTc2fX_8OALNj0QOgf3fHvQY5A3cZoykny5EYlKwqPmSbTgltwGzg_T0DzeLFiIYxiCgh-xHKBDd3ar8K3Wi1OL2m6Dge6m4L8foo43Hopnb3nmdDHdjfFbkgOxDR4wRBTvrNGC6Kp9vdacjzurPIqQ&sig=Cg0ArKJSzB987Q1jinV0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=44&vt=11&dtpt=44&dett=2&cstd=0&cisv=r20220228.04075&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:27:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 5885
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COykVhCv2FYYpMiiwwEwAQ&v=APEucNUk26LoHZRvl5As0eYU6b-W2jHKSTTKYqs3czP7EfFPUlDd5-u9fcLpcSslIQlaKLFbX0yjqRlwQYGDTQYpKw6uSCBv6l6lOzbKd-Qg3zFLvcgNtonEqTJKxmwY4F7uBsYjuCrsYxwSXdHISp7po4r9ngYJybeKDuMq1y8FF4oy5NiS35vu9MHj83yV0e10yi-q9JJZ9VYGl9VaNEzhZ-dYnafZ7A
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:47 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Wed, 02 Mar 2022 18:27:47 GMT
rum
dsum-sec.casalemedia.com/ Frame 5885
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yh.3I7VlC8V.UrxmdB3VAgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COykVhCv2FYYpMiiwwEwAQ&v=APEucNUk26LoHZRvl5As0eYU6b-W2jHKSTTKYqs3czP7EfFPUlDd5-u9fcLpcSslIQlaKLFbX0yjqRlwQYGDTQYpKw6uSCBv6l6lOzbKd-Qg3zFLvcgNtonEqTJKxmwY4F7uBsYjuCrsYxwSXdHISp7po4r9ngYJybeKDuMq1y8FF4oy5NiS35vu9MHj83yV0e10yi-q9JJZ9VYGl9VaNEzhZ-dYnafZ7A
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB8pLdLc_05-2TMTDAQRhM8&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5885
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELOxR4vl99H5Wx_JrJUY1co&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELOxR4vl99H5Wx_JrJUY1co&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COykVhCv2FYYpMiiwwEwAQ&v=APEucNUk26LoHZRvl5As0eYU6b-W2jHKSTTKYqs3czP7EfFPUlDd5-u9fcLpcSslIQlaKLFbX0yjqRlwQYGDTQYpKw6uSCBv6l6lOzbKd-Qg3zFLvcgNtonEqTJKxmwY4F7uBsYjuCrsYxwSXdHISp7po4r9ngYJybeKDuMq1y8FF4oy5NiS35vu9MHj83yV0e10yi-q9JJZ9VYGl9VaNEzhZ-dYnafZ7A
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:47 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
27cff577-38fb-4071-9289-0eb263f79535
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELOxR4vl99H5Wx_JrJUY1co&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5885
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5NDkxNTQ5MTI1NzM2MDg2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5NDkxNTQ5MTI1NzM2MDg2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COykVhCv2FYYpMiiwwEwAQ&v=APEucNUk26LoHZRvl5As0eYU6b-W2jHKSTTKYqs3czP7EfFPUlDd5-u9fcLpcSslIQlaKLFbX0yjqRlwQYGDTQYpKw6uSCBv6l6lOzbKd-Qg3zFLvcgNtonEqTJKxmwY4F7uBsYjuCrsYxwSXdHISp7po4r9ngYJybeKDuMq1y8FF4oy5NiS35vu9MHj83yV0e10yi-q9JJZ9VYGl9VaNEzhZ-dYnafZ7A
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:47 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c6138fac-61fd-49d7-81ed-29a8fceb9786
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5NDkxNTQ5MTI1NzM2MDg2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FDB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1-sFI7cfYofJFp7K7_UPybmfuAkAAAAAOAHgBAI&bg=!Xl2lXRnNAAYFuXAgBbk7ACkAdvg8WqnorGwsbvMAJ95PFHJazCDJ2gFq2PFyb9DTPHfi_bDvqMRRXQIAAABuUgAAAAVoAQeZAvSc2RuxDB-Qt1krYQXo4Qe5HQ0CEMonIQz4mdlu6gr5zoqd2uiztAm_jD5uBJ8vlqnK1WFmT5Y6-6jAy5d9m3Q2IyNHyat5M-aV4Cvz4AjrI3uO1pEqNjfvQbT5hIhgTqd8oBcDV5djfHzRSdLpld8yUKEWXHVgegw7oNFn1JFyatJEbl5gjVm-sEvKd76U2MoDzqTbCpVQP14geikjJ6SD-eoyCJtxGPVLNEAb3yU2qQVW2t8shbcD7QznUXBcUfx-zcrVaGWTgeot_Q_ZlDBpRR_ah4r6vECY-Bl-2bJkz30eoZXHvlG-XZw7tLUq3GwI7c_1mh7T29jf_881P4s-Lj32iMxRg7c2D_vUxzcvaFTyjSeeCBl9cLbmsnFXCN_-QxsrXHDR44ajzRXNhQAAg0E5dyexDO6LZ_YxsYcRWdkAd_4NXr_FXiXkl0BBKMSzvW0vzUMEyNwCPjITlVLX__Awo0nXw0-FVVqh09NpxwgmOF34HRYQ5h_2CdEcfLTZKN39dkHsQ5eY3OgaYCcjK2B89QW6oqA1qJE30b_eNlfHWcbKxSsCOajKbH0F9XrxT5uK97Dv_F-Ki5xdsxKy-4PVxFv4AIG-iH7RPfJ1KCUdU44wKHCjkqx2TzGg8Vb6QZ2Emf8BJwJtr0hEL8D7r3KRSM0I6aJ0TVILWgA1KRKufX6WBncYvKaRkvUEZtx81VXtEIdpfRI-lAIfZvwCERvf0N4LEtwVFrWrlBUZoNjxAO9mLHOoURYvAeQfuFiKXy2O5EHYHOb2pAQXm_vdvNDh3nkO5eCkGAnbh1-3KisXoWN1gobcXQIxDrzc6RkCpYcco2Z_vLT1pcBswF50scrZEjsBqZvAXQ6R3y25r_4wV-SqYiWTu2-c9-Po3LbnW7PjISCiKO9SLowkDVCDHKmvoz8clQ-zQYt8QIErp7XNHwtEWqS6lmwXIyUgX45H1P9A4UPR_hmAtLMwY3h9PRpqk_ruA1hQAs_JasTumOacH14
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7405 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Mar 2022 18:27:47 GMT
expires
Thu, 02 Mar 2023 18:27:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2F0C 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY-f6-vQEwAQ&v=APEucNUoV2vLN1eY3j7AEuz0WYETaWeM0QKHGhstZMWnNSwCFwOWTKlqWfr5nIZkrl8JyI8-yp4ydkxkCBmqY9F-SWnBwWXyDPDFQQBYEmUC7Q-4UDBZ1Mr5-S_PxjZyyr6X-Sy9lJHMhMst1em8sj84XLD-P9F3Ml2a1SBKI7IA-PJWDLg28oe5Buuzk9FhaLtXCpGqwjetZDS9dtzHZbvdC0SAiwsbHA
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Mar 2022 18:27:48 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 02 Mar 2022 18:27:48 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7405 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfTrRISAZGmqDescb9p8jjK_yUJJxZ_FghgdADYWnIvejsdoIxD9n7ykfU2uR7wlQrjNGjzX_ZDPdoamKGV2UWVefQGA0U7gqkWcOgGyK1Ldh6ffRstvnBYIAPs5oxIJfKKZcc4lSWk2z9HHVRnKt3Yes4pA&dbm_d=AKAmf-A1laWsmOQD_uyrU13Mw9nKn8suUiAFGOj1HmcI8CJBGbA1IcxewQpXcRWNd_Xqh_H9CKTc7K6zYAT0AMZo_iu7cJn5Jz-lb9V1pHiPkyiKGSxA4PUqIMvtvgHTu3appp5N8FDZbgGwUHgN29_UYjXKM5AZwP40tTAzZM09_u0dJhBYCUbpoABnArNxD7qw08irVDxoHmvaVCTPXuQcCWXA9p7of_Hg7n7V1PB_lWtk4SjjSn7pj-FZX0Tr9UTPXY_MpEOJ-fsPR91ObCaE2OSAjro8QjMikdfGrCWAfUMHPWP8LR44FCv5XNIi65qyR57HfwmJKUTn9Ptz_YU0yG6b3Usmyx7gUHA2wZP8aCFvvKk1rhlOtdIcUeEZW0MNwitNNgah6zCyCJ24PYZiN9CYqgHHwb2YMf5LEhznlI8ymz_uqjhLqviJGV1UxooTJR4BkCgLJSG8GNJI8-4WU6lgxUj1oOy6sNtaJtk9u3w5QblUsbufeJehxMksP5dNNtBnXErcUNz9-88eNAxmwsErxK3UK1Z53Mex5WyQx5Qqp4QSG4k33Z-nB68-off3pd2bw6pGtJDDEKxGg47T26i7xPgTBAMLOkUL3_W5-onFyHWo97zqVuSrJQ0WmQhV5tWVbDNSCG2ZQfCiVnaPejYPSwK3_nFhjbsXKtU_7txB6yYDuB-Vd1hkk94Uk9UQPi3AtgCD7rzxV_kUAXXxtEKDkKzfBaGUjA90q0WGY2hI_9400OKXkxGr_n4ec4YA7yNOKXReC5FGF8n-Y4RH4Y5T4skp28EkkZpjbIzBwkxiYdbl4JXQhd1JACwxmPr4s9-H5l3vCfTTyQQ-nZUz6Z7PS6f6gvCGz-9eYOYGwdr4qBVx828Yh8S7IpzL7qdp-tUvhc6iAB_yenOW__Svg2XTaJokPVIAL2h1bx7p5kcZgVrh-kwj5nKIrMbHjFiX5rX16ud76uS9JUOqiONenfawYWTsn2fEeZWLMndt6njH6qCMt1jYLuJnc8_L2oi90XhHmD1rZ52jeOy-GiQeVtj7LDB3BSbg5Ww3U_YD-qvovbrbrRylRsH6pPnqIXG9zKiAqE6qlfRCbOLfgtV4ZIQeO2pZauWIEcTlLgo5kKx42F0oU3FXmJ1OIbBr0LqvNtDLf9QrvHwTr_k8k-ezR0ainfX_cn_McIE_W4LDGWo-DidZMybDfH1-qtnc0-DSxn8akWq11tE9kKPlPDomivnUM3pyYSQ5hwqPuNT6JUFGlbIYsclKs8Cbnb1AWCxj3NcaJ6Sxl05E73VDE6WgiSyRx9XAk3mZqdGi43_Hg6cjGaR0uj9ZwQDrVRt5VksqrjTWezu4uLDlYwUeSQ5xaexUkr_zkHDV4ISbfyvSI2qznicoY4jFyo9FlX_p7qmvHFZs4AteMgiA1UG1hPIRTA8KqPz_YJEjaovQubxUkMqV1XBOoNEWL2igGtjUXfRkG3lUxxmIuYb_MgLMEavlnJug9W1WEUMsvZ614VT0vTEzXLyi9jLwpwGuphYKIFC8m5GBRxg_3pQayoSBYTEvvBsSw_QnW3AMyeP9UG3BTl4pNwPe9uxB-D60n5H-aOH9o7n0dTXf2wU91hy-WobSEX_NpbVIlCA_-TPI3mcvOh0sWfcPBBxptapqVcWwxz1O9cBnjDyLJebLx91wV9Hqo0NCAPOathpnV2s63TI0gzhtkI7eAsSGdwudUgHRLyK897t_6k4jfW8Bpp316LvqM5rO5KkbdIF9iQDu4-ZnO-IqDHTQPwU8W-HAyG4zQdQLy22_GB3MbC-Qs3Dt5z1CbzyZhE1s_p3xly7dr0EZ-GsVtP_O6kp4nToi1JGkBuBTaY_Sqm5hdLYYmhYAqlFQUJsTfEbh2MuvXY_orOp9_mo8GXwvdDGEPhkq6_oZjEHqhIT3-Gbne32UGlq7XWFObZfvD_q-MbVdm6IwkmugsQFiduN3SeXPGzVeOhCkYpZ7uV1TlYgOf6BjtsQQW5GzlzSth3pFvy0udWxS1mBuFK8p5NW3JM1V21LDwAVeRh4rNkv1zRn4WZT1KwRqe3GnObWTEXHckYt4ger-atBCk7a9x2VJkeiiZ1gMe0Oiuy2py9JlGk_zG_HBv3yvWQPbt4w6Q36l2Re-H3yTiPiLrGXfmvce9JPqf0Mv8K0RWcB6ZtyyChyrK2mrPizujXUl0AXhKzHn8YntZjXwAchz3x7-LZ5B3XO2mvLdn_owpFsudfqBRwi7eiwgMDrRm8SL2dYs3IY-fsQnr57hEAYZBfz5mbvEepjMRLUslQPHU9QUpYeOfnCv4lov3Z-024rPqU17gNrEoR5d9Yv7QLz5Ad0uhZohm2iXubF4Wx_k3X-PVxwpeAzj06xQMk-BotC9rzI-OTb2fFqlambM4zpjslEM1cC4GgddrAaTt9HzNDuZij3zTJ9CoHXnayWX3fQG2HiyeHGKyGw2ZDjmx54XC9Joe89Gvdzm0aD19M-awQ3BEEzquCsggw5F8OoqQs_5qUd8iNklllsN3pwolfb4FDmlDsXIlpI40Ma9E8BgcY8z7wuCH-ungmd6p-i3aOCm00HZ3Et8eRXt2k1IcofajwqF17o-KEuYAu88FFICNVZ4XD-eIEgoO0sCjEKXXldNDr0Yq3vKIeJTv1-eMiGHStErKRfW6ZLdL-92cyIo_2TQbJEyaDShyEDcUV0kmPayUPDKmphYu6xMV6JYP6wp9Fgyu4enWDgxTESYc8dUc1kEd9Nt7vsU-TfblxoSVrb-OscXItEX04Ju_zevZJSeh8b_gPcOHCl1YwCZe1UWOqdYJkANGTIdZlnj9LPeO2-1_XZ8V8p76T4BkvJrR0iVVq4nrwIx4sHJVWjLOvc0l3UDLXAHBfn7-DcE6Tzo0LSJijEhdpBl-a8xTmssJxTpX93E5_cwIYFOdMDs_RiHYkD_wDWHX4VGLkGByNtZ2utq2-0motBIakXI0JGgztap2EVsH9TBuTGLqrnEG6DY7tgRaWbsiirYt_gZVliv6JJ6uZTpig2GvCn6OmsuLlrgyXywHyER1UXybMr_PVjtfvMEPZlMr70E6k6EJs_oBnq_f3pez0XElR_25C8qbp0jjZLihNWi8fOjirt91Cp3pUJZYpMaxrhxzjbUuAQDhs1dUJevPe9k-LBUwHxeUgLUVLpDiFyL4jsBGSDOtQUpTvn3SiYyQhRXP0JnSCX-APyxidf8V8oLu1F-Qrird6eAPgYG-qYjsBEuYxRx81GEApGEUoJJE_gT65MNtFSMXE75RX_fouLufA&cid=CAQSLQCNIrLMOQGCPVZopYjxGEtFK8B9IlW9E-nNdDwQ6w1j2dtbKrjxK7n7365CIA&rfl=1%2Chttps%253A%252F%252Fpt.vermin-club.org%252F%240
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f404d500627b3287ae4a89dc9e31c0291a0ba4cc28371fd647e41b195f8afe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35816
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7405 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB0f_-zYz3yOG9mPzxdCxDS9dwXpSTHx-Q_-Zofj8b4p0v7tmTSLMnK_iN6osqXx645YRSyfQ6wtg5XUb__tGX1GrF_7xDqFSgqXR0HGuvHGm2S3Y
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 7405 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/window_focus_fy2019.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:27:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7405 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38862
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646052075697155"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Mar 2022 18:27:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/ Frame 7405 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220228/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6433
x-xss-protection
0
server
cafe
etag
3306657128042699500
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:26:04 GMT
sd
us-u.openx.net/w/1.0/ Frame 2F0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7m3YvkWzGSKZaWs26KQPc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7m3YvkWzGSKZaWs26KQPc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY-f6-vQEwAQ&v=APEucNUoV2vLN1eY3j7AEuz0WYETaWeM0QKHGhstZMWnNSwCFwOWTKlqWfr5nIZkrl8JyI8-yp4ydkxkCBmqY9F-SWnBwWXyDPDFQQBYEmUC7Q-4UDBZ1Mr5-S_PxjZyyr6X-Sy9lJHMhMst1em8sj84XLD-P9F3Ml2a1SBKI7IA-PJWDLg28oe5Buuzk9FhaLtXCpGqwjetZDS9dtzHZbvdC0SAiwsbHA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE7m3YvkWzGSKZaWs26KQPc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 2F0C 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY-f6-vQEwAQ&v=APEucNUoV2vLN1eY3j7AEuz0WYETaWeM0QKHGhstZMWnNSwCFwOWTKlqWfr5nIZkrl8JyI8-yp4ydkxkCBmqY9F-SWnBwWXyDPDFQQBYEmUC7Q-4UDBZ1Mr5-S_PxjZyyr6X-Sy9lJHMhMst1em8sj84XLD-P9F3Ml2a1SBKI7IA-PJWDLg28oe5Buuzk9FhaLtXCpGqwjetZDS9dtzHZbvdC0SAiwsbHA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 2F0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMg9oaYN8yNWEWw0mLlyoVM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMg9oaYN8yNWEWw0mLlyoVM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY-f6-vQEwAQ&v=APEucNUoV2vLN1eY3j7AEuz0WYETaWeM0QKHGhstZMWnNSwCFwOWTKlqWfr5nIZkrl8JyI8-yp4ydkxkCBmqY9F-SWnBwWXyDPDFQQBYEmUC7Q-4UDBZ1Mr5-S_PxjZyyr6X-Sy9lJHMhMst1em8sj84XLD-P9F3Ml2a1SBKI7IA-PJWDLg28oe5Buuzk9FhaLtXCpGqwjetZDS9dtzHZbvdC0SAiwsbHA
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:49 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 02 Mar 2022 18:27:49 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEMg9oaYN8yNWEWw0mLlyoVM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2F0C 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY-f6-vQEwAQ&v=APEucNUoV2vLN1eY3j7AEuz0WYETaWeM0QKHGhstZMWnNSwCFwOWTKlqWfr5nIZkrl8JyI8-yp4ydkxkCBmqY9F-SWnBwWXyDPDFQQBYEmUC7Q-4UDBZ1Mr5-S_PxjZyyr6X-Sy9lJHMhMst1em8sj84XLD-P9F3Ml2a1SBKI7IA-PJWDLg28oe5Buuzk9FhaLtXCpGqwjetZDS9dtzHZbvdC0SAiwsbHA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:49 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 02 Mar 2022 18:27:49 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
skeleton.js
fw.adsafeprotected.com/rjss/st/899486/59154207/ Frame 7405 		231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/899486/59154207/skeleton.js?ias_dspID=3&ias_campId=15846431&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=50015086&bidurl=https://pt.vermin-club.org/&ias_dealId=
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.39.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-39-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b7635b7386258ed1912e5980dca86825ca530db46f39c29c1b9fe2e2131f5788

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 7405 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
Origin
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 17:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Mar 2022 17:13:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/ Frame 7405 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfTrRISAZGmqDescb9p8jjK_yUJJxZ_FghgdADYWnIvejsdoIxD9n7ykfU2uR7wlQrjNGjzX_ZDPdoamKGV2UWVefQGA0U7gqkWcOgGyK1Ldh6ffRstvnBYIAPs5oxIJfKKZcc4lSWk2z9HHVRnKt3Yes4pA&dbm_d=AKAmf-A1laWsmOQD_uyrU13Mw9nKn8suUiAFGOj1HmcI8CJBGbA1IcxewQpXcRWNd_Xqh_H9CKTc7K6zYAT0AMZo_iu7cJn5Jz-lb9V1pHiPkyiKGSxA4PUqIMvtvgHTu3appp5N8FDZbgGwUHgN29_UYjXKM5AZwP40tTAzZM09_u0dJhBYCUbpoABnArNxD7qw08irVDxoHmvaVCTPXuQcCWXA9p7of_Hg7n7V1PB_lWtk4SjjSn7pj-FZX0Tr9UTPXY_MpEOJ-fsPR91ObCaE2OSAjro8QjMikdfGrCWAfUMHPWP8LR44FCv5XNIi65qyR57HfwmJKUTn9Ptz_YU0yG6b3Usmyx7gUHA2wZP8aCFvvKk1rhlOtdIcUeEZW0MNwitNNgah6zCyCJ24PYZiN9CYqgHHwb2YMf5LEhznlI8ymz_uqjhLqviJGV1UxooTJR4BkCgLJSG8GNJI8-4WU6lgxUj1oOy6sNtaJtk9u3w5QblUsbufeJehxMksP5dNNtBnXErcUNz9-88eNAxmwsErxK3UK1Z53Mex5WyQx5Qqp4QSG4k33Z-nB68-off3pd2bw6pGtJDDEKxGg47T26i7xPgTBAMLOkUL3_W5-onFyHWo97zqVuSrJQ0WmQhV5tWVbDNSCG2ZQfCiVnaPejYPSwK3_nFhjbsXKtU_7txB6yYDuB-Vd1hkk94Uk9UQPi3AtgCD7rzxV_kUAXXxtEKDkKzfBaGUjA90q0WGY2hI_9400OKXkxGr_n4ec4YA7yNOKXReC5FGF8n-Y4RH4Y5T4skp28EkkZpjbIzBwkxiYdbl4JXQhd1JACwxmPr4s9-H5l3vCfTTyQQ-nZUz6Z7PS6f6gvCGz-9eYOYGwdr4qBVx828Yh8S7IpzL7qdp-tUvhc6iAB_yenOW__Svg2XTaJokPVIAL2h1bx7p5kcZgVrh-kwj5nKIrMbHjFiX5rX16ud76uS9JUOqiONenfawYWTsn2fEeZWLMndt6njH6qCMt1jYLuJnc8_L2oi90XhHmD1rZ52jeOy-GiQeVtj7LDB3BSbg5Ww3U_YD-qvovbrbrRylRsH6pPnqIXG9zKiAqE6qlfRCbOLfgtV4ZIQeO2pZauWIEcTlLgo5kKx42F0oU3FXmJ1OIbBr0LqvNtDLf9QrvHwTr_k8k-ezR0ainfX_cn_McIE_W4LDGWo-DidZMybDfH1-qtnc0-DSxn8akWq11tE9kKPlPDomivnUM3pyYSQ5hwqPuNT6JUFGlbIYsclKs8Cbnb1AWCxj3NcaJ6Sxl05E73VDE6WgiSyRx9XAk3mZqdGi43_Hg6cjGaR0uj9ZwQDrVRt5VksqrjTWezu4uLDlYwUeSQ5xaexUkr_zkHDV4ISbfyvSI2qznicoY4jFyo9FlX_p7qmvHFZs4AteMgiA1UG1hPIRTA8KqPz_YJEjaovQubxUkMqV1XBOoNEWL2igGtjUXfRkG3lUxxmIuYb_MgLMEavlnJug9W1WEUMsvZ614VT0vTEzXLyi9jLwpwGuphYKIFC8m5GBRxg_3pQayoSBYTEvvBsSw_QnW3AMyeP9UG3BTl4pNwPe9uxB-D60n5H-aOH9o7n0dTXf2wU91hy-WobSEX_NpbVIlCA_-TPI3mcvOh0sWfcPBBxptapqVcWwxz1O9cBnjDyLJebLx91wV9Hqo0NCAPOathpnV2s63TI0gzhtkI7eAsSGdwudUgHRLyK897t_6k4jfW8Bpp316LvqM5rO5KkbdIF9iQDu4-ZnO-IqDHTQPwU8W-HAyG4zQdQLy22_GB3MbC-Qs3Dt5z1CbzyZhE1s_p3xly7dr0EZ-GsVtP_O6kp4nToi1JGkBuBTaY_Sqm5hdLYYmhYAqlFQUJsTfEbh2MuvXY_orOp9_mo8GXwvdDGEPhkq6_oZjEHqhIT3-Gbne32UGlq7XWFObZfvD_q-MbVdm6IwkmugsQFiduN3SeXPGzVeOhCkYpZ7uV1TlYgOf6BjtsQQW5GzlzSth3pFvy0udWxS1mBuFK8p5NW3JM1V21LDwAVeRh4rNkv1zRn4WZT1KwRqe3GnObWTEXHckYt4ger-atBCk7a9x2VJkeiiZ1gMe0Oiuy2py9JlGk_zG_HBv3yvWQPbt4w6Q36l2Re-H3yTiPiLrGXfmvce9JPqf0Mv8K0RWcB6ZtyyChyrK2mrPizujXUl0AXhKzHn8YntZjXwAchz3x7-LZ5B3XO2mvLdn_owpFsudfqBRwi7eiwgMDrRm8SL2dYs3IY-fsQnr57hEAYZBfz5mbvEepjMRLUslQPHU9QUpYeOfnCv4lov3Z-024rPqU17gNrEoR5d9Yv7QLz5Ad0uhZohm2iXubF4Wx_k3X-PVxwpeAzj06xQMk-BotC9rzI-OTb2fFqlambM4zpjslEM1cC4GgddrAaTt9HzNDuZij3zTJ9CoHXnayWX3fQG2HiyeHGKyGw2ZDjmx54XC9Joe89Gvdzm0aD19M-awQ3BEEzquCsggw5F8OoqQs_5qUd8iNklllsN3pwolfb4FDmlDsXIlpI40Ma9E8BgcY8z7wuCH-ungmd6p-i3aOCm00HZ3Et8eRXt2k1IcofajwqF17o-KEuYAu88FFICNVZ4XD-eIEgoO0sCjEKXXldNDr0Yq3vKIeJTv1-eMiGHStErKRfW6ZLdL-92cyIo_2TQbJEyaDShyEDcUV0kmPayUPDKmphYu6xMV6JYP6wp9Fgyu4enWDgxTESYc8dUc1kEd9Nt7vsU-TfblxoSVrb-OscXItEX04Ju_zevZJSeh8b_gPcOHCl1YwCZe1UWOqdYJkANGTIdZlnj9LPeO2-1_XZ8V8p76T4BkvJrR0iVVq4nrwIx4sHJVWjLOvc0l3UDLXAHBfn7-DcE6Tzo0LSJijEhdpBl-a8xTmssJxTpX93E5_cwIYFOdMDs_RiHYkD_wDWHX4VGLkGByNtZ2utq2-0motBIakXI0JGgztap2EVsH9TBuTGLqrnEG6DY7tgRaWbsiirYt_gZVliv6JJ6uZTpig2GvCn6OmsuLlrgyXywHyER1UXybMr_PVjtfvMEPZlMr70E6k6EJs_oBnq_f3pez0XElR_25C8qbp0jjZLihNWi8fOjirt91Cp3pUJZYpMaxrhxzjbUuAQDhs1dUJevPe9k-LBUwHxeUgLUVLpDiFyL4jsBGSDOtQUpTvn3SiYyQhRXP0JnSCX-APyxidf8V8oLu1F-Qrird6eAPgYG-qYjsBEuYxRx81GEApGEUoJJE_gT65MNtFSMXE75RX_fouLufA&cid=CAQSLQCNIrLMOQGCPVZopYjxGEtFK8B9IlW9E-nNdDwQ6w1j2dtbKrjxK7n7365CIA&rfl=1%2Chttps%253A%252F%252Fpt.vermin-club.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:25:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/ Frame 7405 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220228/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DfTrRISAZGmqDescb9p8jjK_yUJJxZ_FghgdADYWnIvejsdoIxD9n7ykfU2uR7wlQrjNGjzX_ZDPdoamKGV2UWVefQGA0U7gqkWcOgGyK1Ldh6ffRstvnBYIAPs5oxIJfKKZcc4lSWk2z9HHVRnKt3Yes4pA&dbm_d=AKAmf-A1laWsmOQD_uyrU13Mw9nKn8suUiAFGOj1HmcI8CJBGbA1IcxewQpXcRWNd_Xqh_H9CKTc7K6zYAT0AMZo_iu7cJn5Jz-lb9V1pHiPkyiKGSxA4PUqIMvtvgHTu3appp5N8FDZbgGwUHgN29_UYjXKM5AZwP40tTAzZM09_u0dJhBYCUbpoABnArNxD7qw08irVDxoHmvaVCTPXuQcCWXA9p7of_Hg7n7V1PB_lWtk4SjjSn7pj-FZX0Tr9UTPXY_MpEOJ-fsPR91ObCaE2OSAjro8QjMikdfGrCWAfUMHPWP8LR44FCv5XNIi65qyR57HfwmJKUTn9Ptz_YU0yG6b3Usmyx7gUHA2wZP8aCFvvKk1rhlOtdIcUeEZW0MNwitNNgah6zCyCJ24PYZiN9CYqgHHwb2YMf5LEhznlI8ymz_uqjhLqviJGV1UxooTJR4BkCgLJSG8GNJI8-4WU6lgxUj1oOy6sNtaJtk9u3w5QblUsbufeJehxMksP5dNNtBnXErcUNz9-88eNAxmwsErxK3UK1Z53Mex5WyQx5Qqp4QSG4k33Z-nB68-off3pd2bw6pGtJDDEKxGg47T26i7xPgTBAMLOkUL3_W5-onFyHWo97zqVuSrJQ0WmQhV5tWVbDNSCG2ZQfCiVnaPejYPSwK3_nFhjbsXKtU_7txB6yYDuB-Vd1hkk94Uk9UQPi3AtgCD7rzxV_kUAXXxtEKDkKzfBaGUjA90q0WGY2hI_9400OKXkxGr_n4ec4YA7yNOKXReC5FGF8n-Y4RH4Y5T4skp28EkkZpjbIzBwkxiYdbl4JXQhd1JACwxmPr4s9-H5l3vCfTTyQQ-nZUz6Z7PS6f6gvCGz-9eYOYGwdr4qBVx828Yh8S7IpzL7qdp-tUvhc6iAB_yenOW__Svg2XTaJokPVIAL2h1bx7p5kcZgVrh-kwj5nKIrMbHjFiX5rX16ud76uS9JUOqiONenfawYWTsn2fEeZWLMndt6njH6qCMt1jYLuJnc8_L2oi90XhHmD1rZ52jeOy-GiQeVtj7LDB3BSbg5Ww3U_YD-qvovbrbrRylRsH6pPnqIXG9zKiAqE6qlfRCbOLfgtV4ZIQeO2pZauWIEcTlLgo5kKx42F0oU3FXmJ1OIbBr0LqvNtDLf9QrvHwTr_k8k-ezR0ainfX_cn_McIE_W4LDGWo-DidZMybDfH1-qtnc0-DSxn8akWq11tE9kKPlPDomivnUM3pyYSQ5hwqPuNT6JUFGlbIYsclKs8Cbnb1AWCxj3NcaJ6Sxl05E73VDE6WgiSyRx9XAk3mZqdGi43_Hg6cjGaR0uj9ZwQDrVRt5VksqrjTWezu4uLDlYwUeSQ5xaexUkr_zkHDV4ISbfyvSI2qznicoY4jFyo9FlX_p7qmvHFZs4AteMgiA1UG1hPIRTA8KqPz_YJEjaovQubxUkMqV1XBOoNEWL2igGtjUXfRkG3lUxxmIuYb_MgLMEavlnJug9W1WEUMsvZ614VT0vTEzXLyi9jLwpwGuphYKIFC8m5GBRxg_3pQayoSBYTEvvBsSw_QnW3AMyeP9UG3BTl4pNwPe9uxB-D60n5H-aOH9o7n0dTXf2wU91hy-WobSEX_NpbVIlCA_-TPI3mcvOh0sWfcPBBxptapqVcWwxz1O9cBnjDyLJebLx91wV9Hqo0NCAPOathpnV2s63TI0gzhtkI7eAsSGdwudUgHRLyK897t_6k4jfW8Bpp316LvqM5rO5KkbdIF9iQDu4-ZnO-IqDHTQPwU8W-HAyG4zQdQLy22_GB3MbC-Qs3Dt5z1CbzyZhE1s_p3xly7dr0EZ-GsVtP_O6kp4nToi1JGkBuBTaY_Sqm5hdLYYmhYAqlFQUJsTfEbh2MuvXY_orOp9_mo8GXwvdDGEPhkq6_oZjEHqhIT3-Gbne32UGlq7XWFObZfvD_q-MbVdm6IwkmugsQFiduN3SeXPGzVeOhCkYpZ7uV1TlYgOf6BjtsQQW5GzlzSth3pFvy0udWxS1mBuFK8p5NW3JM1V21LDwAVeRh4rNkv1zRn4WZT1KwRqe3GnObWTEXHckYt4ger-atBCk7a9x2VJkeiiZ1gMe0Oiuy2py9JlGk_zG_HBv3yvWQPbt4w6Q36l2Re-H3yTiPiLrGXfmvce9JPqf0Mv8K0RWcB6ZtyyChyrK2mrPizujXUl0AXhKzHn8YntZjXwAchz3x7-LZ5B3XO2mvLdn_owpFsudfqBRwi7eiwgMDrRm8SL2dYs3IY-fsQnr57hEAYZBfz5mbvEepjMRLUslQPHU9QUpYeOfnCv4lov3Z-024rPqU17gNrEoR5d9Yv7QLz5Ad0uhZohm2iXubF4Wx_k3X-PVxwpeAzj06xQMk-BotC9rzI-OTb2fFqlambM4zpjslEM1cC4GgddrAaTt9HzNDuZij3zTJ9CoHXnayWX3fQG2HiyeHGKyGw2ZDjmx54XC9Joe89Gvdzm0aD19M-awQ3BEEzquCsggw5F8OoqQs_5qUd8iNklllsN3pwolfb4FDmlDsXIlpI40Ma9E8BgcY8z7wuCH-ungmd6p-i3aOCm00HZ3Et8eRXt2k1IcofajwqF17o-KEuYAu88FFICNVZ4XD-eIEgoO0sCjEKXXldNDr0Yq3vKIeJTv1-eMiGHStErKRfW6ZLdL-92cyIo_2TQbJEyaDShyEDcUV0kmPayUPDKmphYu6xMV6JYP6wp9Fgyu4enWDgxTESYc8dUc1kEd9Nt7vsU-TfblxoSVrb-OscXItEX04Ju_zevZJSeh8b_gPcOHCl1YwCZe1UWOqdYJkANGTIdZlnj9LPeO2-1_XZ8V8p76T4BkvJrR0iVVq4nrwIx4sHJVWjLOvc0l3UDLXAHBfn7-DcE6Tzo0LSJijEhdpBl-a8xTmssJxTpX93E5_cwIYFOdMDs_RiHYkD_wDWHX4VGLkGByNtZ2utq2-0motBIakXI0JGgztap2EVsH9TBuTGLqrnEG6DY7tgRaWbsiirYt_gZVliv6JJ6uZTpig2GvCn6OmsuLlrgyXywHyER1UXybMr_PVjtfvMEPZlMr70E6k6EJs_oBnq_f3pez0XElR_25C8qbp0jjZLihNWi8fOjirt91Cp3pUJZYpMaxrhxzjbUuAQDhs1dUJevPe9k-LBUwHxeUgLUVLpDiFyL4jsBGSDOtQUpTvn3SiYyQhRXP0JnSCX-APyxidf8V8oLu1F-Qrird6eAPgYG-qYjsBEuYxRx81GEApGEUoJJE_gT65MNtFSMXE75RX_fouLufA&cid=CAQSLQCNIrLMOQGCPVZopYjxGEtFK8B9IlW9E-nNdDwQ6w1j2dtbKrjxK7n7365CIA&rfl=1%2Chttps%253A%252F%252Fpt.vermin-club.org%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4869d34286cf7e51f09f762190d338474a1489c7afa78a873b6eb05eba5cad0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9662
x-xss-protection
0
server
cafe
etag
8494214007462833898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 18:25:21 GMT
c
c.mgid.com/ 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=228|166|8|w6ZuTwyR2rPydCunMI83YYVA3o7vzug8ENXF_-tRjPIdQEx5x_bdhELahkCOYlTA&fw=1&extjs=66044&v=228|166|8|w6ZuTwyR2rPydCunMI83Yeoj3Lh0MOcAbk8Ijrcv2JmHGy5uXaCMEdYBs1sLeHx1&cid=1207559&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=75586baf-9a56-11ec-b055-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=17f4be35fa2829adb99&cbuster=1646245668186798724344&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
1c58a4c1-b6bb-4902-bfdb-0753be0d84bd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e5c30422afa6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022022401&jk=849674774045444&bg=!6eql6q7NAAYFuXAgBbk7ACkAdvg8Wp2eMTa946hy2GLAvkx9DLIWmHbNVbhiMcb9-3L4t_U7LtJJWAIAAAB7UgAAAAFoAQcKAIcEb_0zW_6S8GMD0z5-euvM3LjQwRkcYTywmM0-s8GmiuYy0CIlTrg6HxhKBebeUBnInYvnEkrGU8x4b017UwkChTiB1QYr9uLoVGWmevVVnOBUgli8XsVbNvaQ5CXRYG0FGyiRw5WDbXjNHgqkcKuckNdh1ZmrPMtnZwD2Oa_Kh94YN6M5SyiZAqOrlmAFGJp3OsaWyRAzMKJ8ZNVnoTbLe-lgbVDcr6bcj-e_gi6DXXcfD_C7rIY7SwJc32BJI5dzOvtj3x7ZIUtIDRT1la5xOsKcrsBtFDw7y4k0re6a_RpIdz2s99YXSfRmdkdD1YZN2eAAs5Dpua7MmyXNHNQfLgj24fqvGhNv5syqylZ9gbt8PlaM86L1IOuX1yvzQZz2qhIk08U0AOMpR5zepFTBP5qWxtJZESLYfoHmqbtlU8o42_eQSTbXDR5cszr5o48C3vKmWMsP4jlpTYPD7suTz5OPyB-aiy4_xGtvAaDt5nleWobLsYFX8ADRZH-guV496Vl7GMOk8pi-I5VU1bXB7rmNqumtsrSrsmZHGFPh5DS9eQGMF0z13hUoAOIeiyCkXlPbE6Dh-09KCgbkAYz2Mhc-gtYilPtRJ5Urpc9tqLSWDu8pV4_8CBIpwxdNlZKf8hYoADTpAtw-NhhbKK4mu19m5wg5rHrYif_r4rMpkJi51glXMqWtOgg_1M0xyLn9uC7Euk9h1-La6Ha1ITwlbxJmz1fZ-3CQbaO_22toycXiZI-FaI9ZfIEUCADDJsRKd056KwMfsj5E2_DchArloIT-cz23yN9WKPv70mB167Nd_IMLqb4I4SrmbIw9ekH8ScF7eprPUDW7yAvOqB6RerPGTd2Lpp40RS1QGdRB_l0rGSmOTzb-sAEjRRm8UXhX1k_MT95GEIIqtSX0A2EXFuJZalHlJvRFF_ygUI2ql48v34M4DZxirtCyXHC3gqiMrU5gWF-S-a2gpMiPYVfWxsNOs45VeDhFhY2oAWg_7NEgUL3p59nv_zOB41iODOBqwN92RzRrsA2dSRShBkij76NhprjEEvNNyGb4MCIDc53_e4uwsrHSvC5b9-k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7405 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 13:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 13:52:58 GMT
truncated
/ Frame 7405 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c57d1f7c6d5e5291231d03a9d5c6fd7b8f496fd7d0648596bff685a7f74f5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 15FD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Mar 2022 13:54:22 GMT
expires
Wed, 01 Mar 2023 13:54:22 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
102806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/9857207275611410272/ Frame D14E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241cf4053ed4f3711959e2e222e27268de0fcaa5ad69cf5054543dfa53f57d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1353
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Thu, 24 Feb 2022 11:47:15 GMT
expires
Fri, 24 Feb 2023 11:47:15 GMT
cache-control
public, max-age=31536000
age
542433
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 7405 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssET5Qkqw_zNOdkeyZQjqgbkYRRLY20U8Ip79P6zV_th8P8IYfaMcRetd_Si4s9sc3krzbjD_memBxlzT3haqnE9EhtpcWm02abdtEwN4e6y-j-HZIu-usecu5ECyRe1rGVL2e3DvGKoiprb3fxhfn_RPvhrA_-AkVbjH62EWg_pb8cgoNgV8i7QeQxUCysNqrZCHp9fLRHThicGkMhMfpIkCR7tkkvObF88nrPvi4ZqaPXMd0kLbrmCO8Hp8PvLl6sGk1BSn5w9FQqQ5P6MWgoEE8rnfjwSCDc8luBxm86cfgO44IegVdjFNOReh28-nqfXlh90tpcTZzqWialTdxLgzGFMfhzuymFhP8hK7CaAqWSUF82PuHcplFWnxgsvrXqTtOPRFcvKARmwEHK7q8p7KV7baZO4b9xDw3Z5N8RNQJfnz81_CXasnB7z6IpczYWNsF7jFo59weTr_IMppVKZMlfGlXO6YSgR4F8unHIOg-qjU51Rsz0lVc4Ex_r2yKYqsLqFvhIzvqjQyTpB8pKMLZ9kYpxJbCEZSwoD-y-GaXt8TreLrUGdxSjLjZc0GgVYEOD-ApZyuLWwdj-W0UUUhsexfqBW8WHpy1oyQLb5JeBoLomuLBPxta8KaUuBGaeWamG6QG44utCBiLII3HM94VPOHuBhO7_3ry8Y9rYgv6PnJ2AlxOjTr4PXfW-Mk6qitcNCQb4YYuUYTknH4zbMsJL7ecCSAUbbOJbYOs8X2X44-v_S6aJeIq-RwRh_Bkh07kz4gshlFyizgKgfVXJ52n4VOFR7g0SB4JVCBCn4vkmlrETrIdjEYXuRnXCTxelpVRvXokcFa-Gwdrfb82g2REIj3NQiOSeKts9RBvR9BSL40s4htiiRXh1GQ3BcF_IpIRRW25xSMsWbV9y0D1cpHfrv41-xV7D9UKTz5PYxXGeZVonzA647LKcIgKZdhr2O6pT6-qpkNpoCtQRMeLtXGNfUzXv0syYPPzyfrmcTZJHLFDVNpvbxcB2FsqIxXMdiY0uy8peBs8TlmWdMAmwJEFj_sMYvVS9CPQqahxSQeYmTTKD7gEJQS-_v9fnYCC6vQ_PH3HEym4zzJxLRowsIXU8TtN6gumIptwAHkcnnx7nfkYwel77rM86y62rv-TUt1AT8uyN1ajUMRLxVi0Y1l7udizeY1ki6vSZz70Ca6lGtlFyN61HY6Xi2nGBXKwNYbqUzpYE1NpT7WX9dAeXS_41I558IK2UFQhC7IH_IQUd8YwZg7N3URsAJJRpNGEYUP1YitWA5-VNzAIoXdyT_9Kn6OY&sai=AMfl-YTwEoURGUGgfocQNjeC02-reqz8wBWe5oJa9VjPuLEPJ-DwSNsCVHoMv9aVB1sxrFaNUOiq6IJGDpRZ7JqbYDAyYU-TP2xhXb6D3iyZZmyBMJLAv4nP1We_WtLqvq5ij9sbjC0VbApEQ6JlhSIi5LnI5gG_o9PRrSdFGY-lQUglpFvxuUclcXCmVCMamXJJnPc9r-2AytsoH_ZNYjBpVHaFTwBNGy4zMNzR_A&sig=Cg0ArKJSzLqgTqIDqMd7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=43&cisv=r20220228.10732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 02 Mar 2022 18:27:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js
pagead2.googlesyndication.com/bg/ Frame 15FD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mF8jAiIKdU2I24lDkXEdvB6f9nJ-5cys-Upa-8ZRieM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
985f2302220a754d88db894391711dbc1e9ff6727ee5ccacf94a5afbc65189e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:44:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
9783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Mar 2023 15:44:45 GMT
style.css
s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/ Frame D14E 		3 KB
875 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cbfa8f1fa958989e6c0910a10ccff91d31bf6209d300176dae4fc7d4a9cf7c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:21:34 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame D14E 		113 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1178945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33534
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MWiftd9Vs%2BWT553akO4mOaIujYQbL%2F0qGwFaCCUPjaNcYwO40beiPkBQiW%2B6YcX4aWebEITDpwwOqu5zvDcF1kWwGGcPElEdhZeGWZIIolK%2FAjx7LI9cYVjNokgsJhuLxxvmy7fe4KEvYL99hEFSbxJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5c3042f894374d-MXP
expires
Mon, 20 Feb 2023 18:27:48 GMT
main.js
s0.2mdn.net/sadbundle/9857207275611410272/javascripts/ Frame D14E 		3 KB
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/javascripts/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d3f27a3972d1254d23f3464dcedc6f1a1dc3a3e5439322bf715996c20f05edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 19:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84258
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
748
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Mar 2023 19:03:30 GMT
c
c.mgid.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=3&v=228|166|24|w6ZuTwyR2rPydCunMI83YWG1lqBIT55zPeDkz9RSWD094PJP0W31BYeqLPs1NthB&extjs=66044&v=228|166|40|w6ZuTwyR2rPydCunMI83YeSPlMcupPhMwB9uawoJLm66Vsu5C6KJPVZgYUAfgrsr&v=228|166|8|w6ZuTwyR2rPydCunMI83YRSg6W6-SmGvCZYsiqhlEhHqJrziJKA-60w8YRARkehI&cid=1207559&h2=L_VeimGmIyuuyKT7tZS8nfhiGb6CTwVO6xjKycj2N0E*&rid=75586baf-9a56-11ec-b055-e43d1a2a04aa&tt=Direct&iv=11&pageImp=0&pvid=17f4be35fa2829adb99&cbuster=1646245668308219294995&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
de165aa1-025e-461e-9057-0912a2147a06
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6e5c3042fc836916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
bg.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad3568e2108c0abf3ad1c05c629be3ea7c5a8a2dfcda139514224783ae5bbda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74798
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
push1.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b69e331b79759fb1c0b61205e2704e6228d1952b681cdddc8e808b7e884e3af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2391
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
bg2.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c6e60c44e2e29d40a94d2843b8dd17b89af0a5767802c154fc0d257be4cf42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89049
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
push2.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3e8146a8ce9363aca840c573afe77f382a578b5aa1a4b9eacb9dab4e8832635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2024
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
bg3.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7ef9e6359708b2c0d0ff0782f1e05d8103ee6150b9c978157dce258cb7e95d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72234
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
push3.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37d742cb539fd632ae327cdf25ca452b3d3ae5492c00cdd41a8afe1fb5f59810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
bg4.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d06b21ffde792d5820d85d667c466761f2d11eb0c24de8d2ee686bda13cf3ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58679
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
push4.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		140 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 05:19:57 GMT
x-content-type-options
nosniff
age
565671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Feb 2023 05:19:57 GMT
push5.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4844bd0dd9b6fbbcf54d761c911839947dc63ccdf796238ebb77bf2d9567a5f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2452
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
bg5.jpg
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/bg5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbcbb6bbbc30bc9f7ce2e21e30b94d99d485f6aff4f4d0e23d3eeca215991e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84030
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
push7.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec8660120360dee15aa257d9ff6e5d30e4eec2e9cc5b9f69b275b4226fef871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 18:37:19 GMT
x-content-type-options
nosniff
age
85829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Mar 2023 18:37:19 GMT
push6.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/push6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8249e6e6aab05d209185d72bf727e5220b1f067681e62678fb5d81d372696f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 09:38:01 GMT
x-content-type-options
nosniff
age
31787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2645
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Mar 2023 09:38:01 GMT
mask.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/mask.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a0ebad63f72a76eef81489ff5a91460a375240977a35f6f6bb93f1bf1bb5f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3774
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
cta.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d75c407d160a96010327243698e453ffbc5e2e6aa6d37a80cb8057457210902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 12:22:19 GMT
x-content-type-options
nosniff
age
194729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1292
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Feb 2023 12:22:19 GMT
cta_hover.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		99 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/cta_hover.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 08:27:16 GMT
x-content-type-options
nosniff
age
554432
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 24 Feb 2023 08:27:16 GMT
logo.png
s0.2mdn.net/sadbundle/9857207275611410272/images/ Frame D14E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9857207275611410272/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8226c4a493e7940c8fb7760cd0b68656bd25557379cbb42bb8f395a51b478a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9857207275611410272/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 19:03:30 GMT
x-content-type-options
nosniff
age
84258
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8527
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 16:57:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Mar 2023 19:03:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7405 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssET5Qkqw_zNOdkeyZQjqgbkYRRLY20U8Ip79P6zV_th8P8IYfaMcRetd_Si4s9sc3krzbjD_memBxlzT3haqnE9EhtpcWm02abdtEwN4e6y-j-HZIu-usecu5ECyRe1rGVL2e3DvGKoiprb3fxhfn_RPvhrA_-AkVbjH62EWg_pb8cgoNgV8i7QeQxUCysNqrZCHp9fLRHThicGkMhMfpIkCR7tkkvObF88nrPvi4ZqaPXMd0kLbrmCO8Hp8PvLl6sGk1BSn5w9FQqQ5P6MWgoEE8rnfjwSCDc8luBxm86cfgO44IegVdjFNOReh28-nqfXlh90tpcTZzqWialTdxLgzGFMfhzuymFhP8hK7CaAqWSUF82PuHcplFWnxgsvrXqTtOPRFcvKARmwEHK7q8p7KV7baZO4b9xDw3Z5N8RNQJfnz81_CXasnB7z6IpczYWNsF7jFo59weTr_IMppVKZMlfGlXO6YSgR4F8unHIOg-qjU51Rsz0lVc4Ex_r2yKYqsLqFvhIzvqjQyTpB8pKMLZ9kYpxJbCEZSwoD-y-GaXt8TreLrUGdxSjLjZc0GgVYEOD-ApZyuLWwdj-W0UUUhsexfqBW8WHpy1oyQLb5JeBoLomuLBPxta8KaUuBGaeWamG6QG44utCBiLII3HM94VPOHuBhO7_3ry8Y9rYgv6PnJ2AlxOjTr4PXfW-Mk6qitcNCQb4YYuUYTknH4zbMsJL7ecCSAUbbOJbYOs8X2X44-v_S6aJeIq-RwRh_Bkh07kz4gshlFyizgKgfVXJ52n4VOFR7g0SB4JVCBCn4vkmlrETrIdjEYXuRnXCTxelpVRvXokcFa-Gwdrfb82g2REIj3NQiOSeKts9RBvR9BSL40s4htiiRXh1GQ3BcF_IpIRRW25xSMsWbV9y0D1cpHfrv41-xV7D9UKTz5PYxXGeZVonzA647LKcIgKZdhr2O6pT6-qpkNpoCtQRMeLtXGNfUzXv0syYPPzyfrmcTZJHLFDVNpvbxcB2FsqIxXMdiY0uy8peBs8TlmWdMAmwJEFj_sMYvVS9CPQqahxSQeYmTTKD7gEJQS-_v9fnYCC6vQ_PH3HEym4zzJxLRowsIXU8TtN6gumIptwAHkcnnx7nfkYwel77rM86y62rv-TUt1AT8uyN1ajUMRLxVi0Y1l7udizeY1ki6vSZz70Ca6lGtlFyN61HY6Xi2nGBXKwNYbqUzpYE1NpT7WX9dAeXS_41I558IK2UFQhC7IH_IQUd8YwZg7N3URsAJJRpNGEYUP1YitWA5-VNzAIoXdyT_9Kn6OY&sai=AMfl-YTwEoURGUGgfocQNjeC02-reqz8wBWe5oJa9VjPuLEPJ-DwSNsCVHoMv9aVB1sxrFaNUOiq6IJGDpRZ7JqbYDAyYU-TP2xhXb6D3iyZZmyBMJLAv4nP1We_WtLqvq5ij9sbjC0VbApEQ6JlhSIi5LnI5gG_o9PRrSdFGY-lQUglpFvxuUclcXCmVCMamXJJnPc9r-2AytsoH_ZNYjBpVHaFTwBNGy4zMNzR_A&sig=Cg0ArKJSzLqgTqIDqMd7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=161&dett=3&cstd=43&cisv=r20220228.10732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: pt.vermin-club.org
URL: https://pt.vermin-club.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Mar 2022 18:27:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 15FD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba7FmJLcfYrfZB8eArASPgoEQAAAAADgB4AQC&bg=!DA-lD0vNAAYFuXAgBbk7ACkAdvg8WshnZJ513icMVM8EkPpUramUHSw03_eZlvtxSM_Srard8P1uTAIAAABoUgAAAAZoAQeZAu564gYmCE-6TcjLrSaaTQCsIY6j9eamShGjzIM2AA7Ag4ZxkYmpZNe7FxdduT7YU1i2KmbihhRUFtcF4x5rDCx1vUy_hNGh9AsTgap6xVE56UHoHHmw93Kz9JZGmSLZougfJ6EObE7SHJ7i_hzPSS9IY1iDXN7YL8TSvt4wcLlRDa5mB5-gFji7akInT02VkujxcwheH_Bg57SxseCGkXVuMz68VRI2rXp6dDQl_Sy4LAlRwO9mG9vzxjca-ETrzxO6Kz0sZQeGK6x61rDmYqESCZ1t1t55obBpZvNuO3YZ2mup1SSgG2Y7tCcyUF865bCVtzvyigrG74hg-jnNmiZlETg0DLqmtKcC978pDsjctd3PzbhaIDgkPAugIzBl_I3bSnaJ90E_4km3azfH1UY-ZfgS_PY0EXiJ1hv7Rss7G8karhQwln9bKsxa2byGPAgIawlAhy2D8nKQAiM8rwR4idy1gs9QlynUkRLhk-IT5jWoIC6Cn5BSf_FfoGl940nGBXPfgv3N4aVnU0gYEX0tBUzHDTyYdVCQ9BenBWmxPfcfyMXe0P-IZGNJ2yVkwuEEYkVFKwZzLcVA65lnIDTfub--qYAIJnKPZJrufsAbghoAebe8TuRSh_WifRBUiZIDDSEvgxSq5JgLBx-zQVsu75bfD4zYSy6YyetVFU4qe0BUk5QLKMLpIj2_CmuU_eWYtQpgB8uFyZvSA8FnAw9mlhVpU-mIr48KkgbtL_DRjafdhkzCGwfatThDNFbI3ZJj0yAU8ddMvgpC9NyBlMCKbLbaF8BJEw3Z-D5gTM68w6ausi8CrqXDWLI5J25-LACoLSALcBRFBgBZE3ghieTlJG47IVcXIE8wklulX4UhhnT7HzacfRF0EbsusFSt9UkBpYaraJ3t7dMEW-5FTYbqqMZMrvP4JEql1-7supYOcP5IGCN8mTzICLZw5MTUXtufxhtZXRj-rZwTxzoiOwXTH8T5Lax418TrsER-du0
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame 7405
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/899486/59154207/4.js?ias_dspID=3&ias_campId=15846431&ias_pubId=pub-5512390705137507&ias_chanId=1&ias_placementId=50015086&bidurl=https://pt.vermin-club.org/&ia...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:224a:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 19:10:49 GMT
content-encoding
gzip
age
83820
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 01 Mar 2022 19:10:48 GMT
server
AmazonS3
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary
Accept-Encoding
x-amz-version-id
Un_.8Vp_TKwliNJVsYlZHVB1x_sghLWA
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
EMOOpC7QZXpJOX2PUI5_GFgbSqifa0m3WCCExx4XczhHBzIY4HNtMA==

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame F0B9 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 15:56:46 GMT
content-encoding
gzip
age
3119463
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
6g6WzL7kglooUHXgwp001qwrPVfJAxMKA4Yhozq9ORTAFSWPAPnkLA==
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5JkqGF,pingTime:-3,time:37,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:37,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5JkqGG,pingTime:-6,time:38,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:38,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:pt.vermin-club.org*&br=c
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5JkqGJ,pingTime:-2,time:41,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:319,beZ:320,mfA:322,cmA:323,inA:323,inZ:328,prA:328,prZ:332,si:336,poA:336,poZ:352,cmZ:352,mfZ:352,loA:357,loZ:358,ltA:360,ltZ:360%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5JkqMu,pingTime:-10,time:398,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1646245668789%7C%7C2fee81effd0c3e2c1a235bcc3cb4b2e5%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ccc5d70049ad0e4397a5ae0a15f0e24bb%7C%7C7b0e9bc75ffccc129d98b00e467c121c%7C%7Cc439ecf1e44193e6370698daa48a41b9%7C%7Cba2e92a957389a0e29e0cc78608bc9a8%7C%7C41c303596266d896c333abd1bacd4a44%7C%7C1629390669%7D
Requested by
Host: 32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
URL: https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 832F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBbeCrbmHU5ogNYB4CKA0M8rEnk0A_6Y-18PwSDForE-ORfYhI79bpSHJVHdEgqhgLLP-iSB1YlDLN0j-A-b-X9cbJTo92cWP5gHx4vBVVFdSm-vZqmg&sai=AMfl-YQtgPhUtZ8CJ5HJT95_5-P3Fr9A97sjRqTEPvqj-GGSWeiNyjSPQfOMRkacfUQdMrIAP36RgPJjTO0KO7xyYsUC4oNVEc1TGBCaX4m_brOps0Fftik2sqme6K7v0Pk&sig=Cg0ArKJSzGJOxAPDzJL5EAE&cid=CAASFeRob3GuxrK84kWPx6r2Oc_CoE6eVg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4207632455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646245667661&rpt=148&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7405 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHEQq2VzzxpA6vGNzjZuR9Lis-mPy352wNLBAR-1WJLkhnq6cEmORpjhE_cqAsGy62P7dW0lg3vu25pOfum9do_WFs1kKrQPDBMeqBXPHVw6PYnxqNcQ&sai=AMfl-YQQDOovj3i_PkkGjtOEz6RToGcG_zqVY85QiMNF0-CC4wbPE1t7xlSzY6Kz1CE9NAjKEzEOZ_uYz46g5ZHjFfV9SFtoFYeX2GBeCsoh&sig=Cg0ArKJSzGxwNp32_tjUEAE&cid=CAQSLQCNIrLMOQGCPVZopYjxGEtFK8B9IlW9E-nNdDwQ6w1j2dtbKrjxK7n7365CIA&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220228&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=425309194&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646245668073&rpt=130&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5JkqTR,time:855,type:e,im:%7Bpci:%7Btdr:813%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:855,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B849~0%5D,as:%5B849~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:105,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:49 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.vermin-club.org%2F&domain=pt.vermin-club.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=aB5mwXxWQ2lBZUEyUWVDM1BTUXdNRHhlMUFSOXhPeWoyTzBFcysrdXJnK3hSZlkvUzBSWFYreFNjWXgrenI0d1hLWXFSdWVyUkVFTlhiMTVOU0ZWK0s4eVRoK1NOV3NsY2tvV3R3OWNEQlZxcHpJMzl5TFNMZkJTMFdXNU...
358 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aB5mwXxWQ2lBZUEyUWVDM1BTUXdNRHhlMUFSOXhPeWoyTzBFcysrdXJnK3hSZlkvUzBSWFYreFNjWXgrenI0d1hLWXFSdWVyUkVFTlhiMTVOU0ZWK0s4eVRoK1NOV3NsY2tvV3R3OWNEQlZxcHpJMzl5TFNMZkJTMFdXNU82UWVvVEFhSXNKcEJUT2ZtUCs2UlRnc1pmUlJ3aTNuM3EyNDNsYWNMUkl1NEh2Q1QzNG9xQTA3Q0FRWk5ERXVKNXNYN0RJY29nWjF5L3RIY2hSRENpUW1FcmdKY1I2VHBubzZqV3YzM215Q3V5cE05dW1TUStNUk5kbHo5bWFzS25zNVhPdWVhfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
053dc78fc29e170b59accdb45f5337bde93389aca1cc9762881ce6e75082c3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3051
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
location
https://mug.criteo.com/sid?cpp=aB5mwXxWQ2lBZUEyUWVDM1BTUXdNRHhlMUFSOXhPeWoyTzBFcysrdXJnK3hSZlkvUzBSWFYreFNjWXgrenI0d1hLWXFSdWVyUkVFTlhiMTVOU0ZWK0s4eVRoK1NOV3NsY2tvV3R3OWNEQlZxcHpJMzl5TFNMZkJTMFdXNU82UWVvVEFhSXNKcEJUT2ZtUCs2UlRnc1pmUlJ3aTNuM3EyNDNsYWNMUkl1NEh2Q1QzNG9xQTA3Q0FRWk5ERXVKNXNYN0RJY29nWjF5L3RIY2hSRENpUW1FcmdKY1I2VHBubzZqV3YzM215Q3V5cE05dW1TUStNUk5kbHo5bWFzS25zNVhPdWVhfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pt.vermin-club.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1677
content-length
509
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.vermin-club.org%2F&domain=pt.vermin-club.org&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://pt.vermin-club.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://pt.vermin-club.org
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1672
date
Wed, 02 Mar 2022 18:27:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 7EBB 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c304f892783a0-MXP
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
onetag-sys.com/usync/ Frame DF3E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1646245666352
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usersync
ssp.wp.pl/bidder/ Frame 4D64 		442 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 12:16:22 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 43E2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=114647
expires
Fri, 04 Mar 2022 02:18:37 GMT
date
Wed, 02 Mar 2022 18:27:50 GMT
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 737A 		442 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 12:16:22 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 442F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1646245666353
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame 41D3 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbd93b450d8df37e4931202917952ae76ebad2ccea40865c0992d024dc1ccf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c304f8b483755-MXP
content-encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame 32DD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c304f892983a0-MXP
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apacdex
sync.quantumdex.io/usersync/ Frame B9D4 		4 KB
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77688f0439c222940202061d4ce6e00bcfd7974c57b8aae587de5354ba27732

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c304f8b503755-MXP
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame C00C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 02 Mar 2022 18:27:50 GMT
Age
43779
X-Served-By
cache-lga13628-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 879216
X-Timer
S1646245670.351462,VS0,VE0
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C317 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=114647
expires
Fri, 04 Mar 2022 02:18:37 GMT
date
Wed, 02 Mar 2022 18:27:50 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9CAF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Mar 2022 06:18:08 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 02 Mar 2022 18:27:50 GMT
Age
43779
X-Served-By
cache-lga13628-LGA, cache-hhn4026-HHN
X-Cache
HIT, HIT
X-Cache-Hits
3, 850612
X-Timer
S1646245670.350416,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pt.vermin-club.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 4D64 		128 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2c9206700a231a32e3d46b5d95237c88b2d7c063721b29de8dc557bdcfe93059

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 14:32:37 GMT
server
nginx
etag
W/"6ada4ea18f00c095713bf5f7c1a7aa67"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 737A 		128 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
2c9206700a231a32e3d46b5d95237c88b2d7c063721b29de8dc557bdcfe93059

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-encoding
br
last-modified
Wed, 02 Mar 2022 14:32:37 GMT
server
nginx
etag
W/"6ada4ea18f00c095713bf5f7c1a7aa67"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
async_usersync
ib.adnxs.com/ Frame 9CAF 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a24237fc-5d7c-484d-b76e-d7ab9b03ab5c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C00C 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
839509ed-18ee-472b-af41-0ad2eb850aeb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 43E2 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55645440&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
24e37651deda071f810983d095e9159f49d123dded30d81cdd5cccc0e8055f72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aB5mwXxWQ2lBZUEyUWVDM1BTUXdNRHhlMUFSOXhPeWoyTzBFcysrdXJnK3hSZlkvUzBSWFYreFNjWXgrenI0d1hLWXFSdWVyUkVFTlhiMTVOU0ZWK0s4eVRoK1NOV3NsY2tvV3R3OWNEQlZxcHpJMzl5TFNMZkJTMFdXNU82UWVvVEFhSXNKcEJUT2ZtUCs2UlRnc1pmUlJ3aTNuM3EyNDNsYWNMUkl1NEh2Q1QzNG9xQTA3Q0FRWk5ERXVKNXNYN0RJY29nWjF5L3RIY2hSRENpUW1FcmdKY1I2VHBubzZqV3YzM215Q3V5cE05dW1TUStNUk5kbHo5bWFzS25zNVhPdWVhfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1187
date
Wed, 02 Mar 2022 18:27:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
1
sync-eu.connectad.io/syncer/ Frame 4FC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.connectad.io/

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
no-cache, private
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c30503b0883a0-MXP
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5Jkrd1,pingTime:1,time:2043,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1041%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1036~0,0~100%5D,as:%5B1036~728.90%5D%7D%7D,%7Bsl:i,t:1041,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5Jkrd1,pingTime:1,time:2043,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1041%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1036~0,0~100%5D,as:%5B1036~728.90%5D%7D%7D,%7Bsl:i,t:1041,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 7405 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=899486&asId=cc9d3209-9091-e13a-130a-99f6370cbaeb&tv=%7Bc:5Jkrd2,pingTime:1,time:2044,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D,%7Bpiv:100,vs:i,r:,t:1041%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1041,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1036~0,0~100%5D,as:%5B1036~728.90%5D%7D%7D,%7Bsl:i,t:1041,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:sYWX3sc+11%7C12%7C13%7C141%7C142%7C15*.899486-59154207%7C151%7C152%7C153,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.187.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-187-127.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
s.ad.smaato.net/c/ Frame 41D3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vMGNdqtM5AQDEtUgalTG-RWdF6HafKqrlcmA4JGoj0_KYSvisPm5KA==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP778bad00-9a56-11ec-9060-02fd1e388e70
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050fe4c3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
date
Wed, 02 Mar 2022 18:27:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050fe463755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1c9345e8-8ebc-4d32-94dc-b76381b6702c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed00d121-bad0-48bf-a936-92542bee6089
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed00d121-bad0-48bf-a936-92542bee6089
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c30510e5a3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ed00d121-bad0-48bf-a936-92542bee6089
date
Wed, 02 Mar 2022 18:27:50 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050de0d3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d01d050a-597b-46c4-a1ea-c38909130b93
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2a206806-c4c0-e7b5-268f-fdbc9816a8f2
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2a206806-c4c0-e7b5-268f-fdbc9816a8f2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3052eae83755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=2a206806-c4c0-e7b5-268f-fdbc9816a8f2
pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c30533b783755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
us
sync.go.sonobi.com/ Frame 41D3 		0
0
setuid
sync.quantumdex.io/ Frame 41D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050fe4a3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
date
Wed, 02 Mar 2022 18:27:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 41D3 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.183 , France, ASN16276 (OVH, FR),
Reverse DNS
p08.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:27:49 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pixel
ap.lijit.com/ Frame 41D3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 02 Mar 2022 18:27:50 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3ab9e0fe-a70e-496a-928a-856310c33327
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3ab9e0fe-a70e-496a-928a-856310c33327
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c30510e5c3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3ab9e0fe-a70e-496a-928a-856310c33327
date
Wed, 02 Mar 2022 18:27:50 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050fe4e3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3f4a6e41-58cf-46a0-829e-5ea7d572f93a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8294915491257360866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=46a2fbf6-bf8e-f7f9-e5dc-9baea9de7325
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=46a2fbf6-bf8e-f7f9-e5dc-9baea9de7325
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3052fae93755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=46a2fbf6-bf8e-f7f9-e5dc-9baea9de7325
pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c30533b753755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=50ae19af-5ab2-533d-989e-629dfa81d5bb
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c30510e593755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e3aec4c6-ad83-40d6-a359-c32a12529ca1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8294915491257360866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame B9D4 		0
0
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050fe473755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-2rP9FQ1E2uFr.B4Zj3OxrYOBKw.9R6bc.V.QcZ4-~A
date
Wed, 02 Mar 2022 18:27:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame B9D4 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.183 , France, ASN16276 (OVH, FR),
Reverse DNS
p08.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:27:49 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
pixel
ap.lijit.com/ Frame B9D4 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 02 Mar 2022 18:27:50 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.quantumdex.io/ Frame B9D4
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP778bad00-9a56-11ec-9060-02fd1e388e70
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3050fe4b3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP778bad00-9a56-11ec-9060-02fd1e388e70
date
Wed, 02 Mar 2022 18:27:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame B9D4 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Kum9-kxnPBlPOm9jeISzATncw5QOUlGOjA9A3wJHM8VVrk1DTTNZow==
x-cache
FunctionGeneratedResponse from cloudfront
usermatch
ssum-sec.casalemedia.com/ Frame FFD9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fc11db31deea54a86d65865664141abb6a2ea357a1b682f5b3084f4de08183ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|73|130|17|46|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 02 Mar 2022 18:27:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Content-Length
1552
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 380A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=114647
expires
Fri, 04 Mar 2022 02:18:37 GMT
date
Wed, 02 Mar 2022 18:27:50 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E8E8 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame BB0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Wed, 02 Mar 2022 18:27:50 GMT
uc.html
sync.go.sonobi.com/ Frame ED25 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08F7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=114647
expires
Fri, 04 Mar 2022 02:18:37 GMT
date
Wed, 02 Mar 2022 18:27:50 GMT
vary
Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame 5507 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Wed, 02 Mar 2022 18:27:50 GMT
/
onetag-sys.com/usync/ Frame E74D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame F138 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame 20B0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
05c5d3bbc9041d23b57f388c123d1c548e64193bc637bee0f2c533a790fa5d18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|73|195|218|31|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 02 Mar 2022 18:27:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Content-Length
1687
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame FFD9 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FFD9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame FFD9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VMPXW0VC9XQNK18NB83F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9HZWXNGH55QFJG9HSD7H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FFD9 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame FFD9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF4C07EP24AAHksVH03uQ&expiration=1647455270&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF4C07EP24AAHksVH03uQ&expiration=1647455270&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF4C07EP24AAHksVH03uQ&expiration=1647455270&gdpr=1
Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame FFD9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:51 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
getuid
secure.adnxs.com/ Frame FFD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame FFD9 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c30518f8c3755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame 4967
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.231.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-231-109.compute-1.amazonaws.com
Software
/
Resource Hash
b1f99f367f8704c0c91ecaed76bc0868d0fcd9fe6a6e779ca1687a2a59ecaf79

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 02 Mar 2022 18:27:51 GMT
pragma
no-cache

Redirect headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
dcm
s.amazon-adsystem.com/ Frame 20B0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J1J950SGDTFDYZAX1B8H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V7CG3NAWZ6XFG8B1KDAH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 20B0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 20B0 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 20B0 		43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 20B0
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f485b240-ca98-47de-a4db-a071a609c9df
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f485b240-ca98-47de-a4db-a071a609c9df
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:51 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-f485b240-ca98-47de-a4db-a071a609c9df
date
Wed, 02 Mar 2022 18:27:51 GMT
server
Apache-Coyote/1.1
content-length
0
ibs:dpid=23728&dpuuid=Yh.3I7VlC8V.UrxmdB3VAgAA%261149
dpm.demdex.net/ Frame 20B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yh.3I7VlC8V.UrxmdB3VAgAA%261149?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-134-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame 20B0
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6995320701087191300&uid=Q6995320701087191300&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.89.45.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-45-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 20B0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3373112829131155851
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3373112829131155851
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:50 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3373112829131155851
pragma
no-cache
date
Wed, 02 Mar 2022 18:27:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
sync.quantumdex.io/ Frame 20B0 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yh-3I7VlC8V-UrxmdB3VAgAABH0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6e5c3051bff03755-MXP
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame F2A4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:51 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 02 Mar 2022 18:27:50 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 959F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ab4621f-b726-4200-8db6-5509135c74ab&gdpr=0&gdpr_consent=
42 B
498 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ab4621f-b726-4200-8db6-5509135c74ab&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 12:55:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0022:0:481
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 02 Mar 2022 18:27:50 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4172 645ee8c master zrh-pixel-x13 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7ab4621f-b726-4200-8db6-5509135c74ab&gdpr=0&gdpr_consent=
Expires
Wed, 02 Mar 2022 18:27:49 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A9A9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2297747156708033810
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2297747156708033810
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug007:0:432
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2297747156708033810
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame D0A8 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 02 Mar 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
459056
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame F4D8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070571313856510091
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070571313856510091
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug007:0:503
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 02 Mar 2022 18:27:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7070571313856510091
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 74AB 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
Varnish
retry-after
0
accept-ranges
bytes
date
Wed, 02 Mar 2022 18:27:50 GMT
via
1.1 varnish
x-served-by
cache-hhn4025-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1646245671.973004,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 99EA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CsQwfrNJSdtMps5iBUuh3tlAlwU
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CsQwfrNJSdtMps5iBUuh3tlAlwU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 13:44:29 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0026:0:472
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 02 Mar 2022 18:27:51 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CsQwfrNJSdtMps5iBUuh3tlAlwU
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 6D5A
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 12:55:54 GMT
content-type
text/html; charset=utf-8
x-lat
amspug0024:2:263
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 02 Mar 2022 18:27:51 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 43E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rs04vm8fQAmj-tFMxWUhCQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=114647
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 04 Mar 2022 02:18:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8f2621f-b726-4200-aed2-b00d275d4d7e
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8f2621f-b726-4200-aed2-b00d275d4d7e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
MT3 4172 645ee8c master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8f2621f-b726-4200-aed2-b00d275d4d7e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Mar 2022 18:27:49 GMT
mw
mwzeom.zeotap.com/ Frame 43E2
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=46CD38BE-6F1F-4009-A3FA-D14CC5652109
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=9f184b98-2279-4258-a3ce-33a29ca54634&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=
  • https://spl.zeotap.com/?zdid=1332&zcluid=0d7eb5aa2f623bb1
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e2dda741-c268-4b31-6a3c-c229314f67a7&reqId=c451804b-f207-43ed-7acf-9ff4932c6324&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEDGf0IkIhvgdAzbEbwQHz1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e2dda741-c268-4b31-6a3c-c229314f67a7&reqId=c451804b-f207-43ed-7acf-9ff...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEDGf0IkIhvgdAzbEbwQHz1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e2dda741-c268-4b31-6a3c-c229314f67a7&reqId=c451804b-f207-43ed-7acf-9ff4932c6324&zcluid=0d7eb5aa2f623bb1&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6e5c30562bc083a0-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEDGf0IkIhvgdAzbEbwQHz1I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e2dda741-c268-4b31-6a3c-c229314f67a7&reqId=c451804b-f207-43ed-7acf-9ff4932c6324&zcluid=0d7eb5aa2f623bb1&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDZDRDM4QkUtNkYxRi00MDA5LUEzRkEtRDE0Q0M1NjUyMTA5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug027:0:677
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJIKffqULTACEPOTQrBzz1c&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJIKffqULTACEPOTQrBzz1c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJIKffqULTACEPOTQrBzz1c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 43E2 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Mar 2022 18:27:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7467543383707240491
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7467543383707240491
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 12:54:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:369
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7467543383707240491
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f184b98-2279-4258-a3ce-33a29ca54634
42 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f184b98-2279-4258-a3ce-33a29ca54634
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f184b98-2279-4258-a3ce-33a29ca54634
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8294915491257360866&gdpr=0&gdpr_consent=
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8294915491257360866&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:359
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:50 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2b76f578-6016-4c48-bf4b-fefd849eb575
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8294915491257360866&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug026:0:643
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
46CD38BE-6F1F-4009-A3FA-D14CC5652109
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 43E2 		43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/46CD38BE-6F1F-4009-A3FA-D14CC5652109?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t30xweFE2uV6BX3MpIGY8z7gUewmJEo-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t30xweFE2uV6BX3MpIGY8z7gUewmJEo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-t30xweFE2uV6BX3MpIGY8z7gUewmJEo-~A&gdpr=0&gdpr_consent=
date
Wed, 02 Mar 2022 18:27:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://px.adhigh.net/p/cm/bsw?u=46be2ef1-7717-44e9-aee0-30fbd8c02846&bidswitch_ssp_id=pubmatic
  • https://px.adhigh.net/p/cm/bsw?u=46be2ef1-7717-44e9-aee0-30fbd8c02846&bidswitch_ssp_id=pubmatic&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=usYvP4pDTNRZ.AikABlF_S-Nw7g&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=46be2ef1-7717-44e9-aee0-30fbd8c02846&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=46be2ef1-7717-44e9-aee0-30fbd8c02846&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:484
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=46be2ef1-7717-44e9-aee0-30fbd8c02846&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 02 Mar 2022 18:27:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3373112829131155851&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3373112829131155851&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:402
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3373112829131155851&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 02 Mar 2022 18:27:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 43E2
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c8530017-bbad-44a9-805e-f07fe6c8dd71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c8530017-bbad-44a9-805e-f07fe6c8dd71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:325
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c8530017-bbad-44a9-805e-f07fe6c8dd71&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 02 Mar 2022 18:27:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 43E2 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
crum
dsum-sec.casalemedia.com/ Frame 4967 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=a9506e5b-4ed0-4200-9592-b50b55d0155c&expiration=1654194471
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Mar 2022 18:27:51 GMT
async_usersync
ib.adnxs.com/ Frame 9CAF 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c821cc27-2324-46c3-8b8c-1656fce334b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C00C 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Mar 2022 18:27:51 GMT
X-Proxy-Origin
217.64.151.5; 217.64.151.5; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
49706051-dae4-49dc-9dae-8ea6045e26b6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 43E2 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C317 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60765711&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
58915e6ba1cdb3cd8d91a52442621e1eb73cc05aa8f3c30ac2168e01c2321496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtset
bh.contextweb.com/bh/ Frame D967
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGNEMwN0VQMjRBQUhrc1ZIMDN1UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAF4C07EP24AAHksVH03uQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
0
0
pub
matching.truffle.bid/sync/ Frame F03D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.4
Date
Wed, 02 Mar 2022 18:27:53 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 0DEC 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 02 Mar 2022 18:27:53 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 614D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame AE5E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1646245673476
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5504513764
  • https://sync.1rx.io/usersync/tradedesk/9f184b98-2279-4258-a3ce-33a29ca54634
  • https://sync.targeting.unrulymedia.com/csync/RX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003
0
0
cookiesync
core.iprom.net/ Frame DD8E 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-56f7eb8f6045@version_1.379
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Wed, 02 Mar 2022 18:27:53 GMT
dpe
ad4m.at/ad/ Frame B085 		15 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Mar 2022 18:27:53 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
max-age=43200, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
age
103787
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6e5c306368a10f86-MXP
Pug
image2.pubmatic.com/AdServer/ Frame 529C
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfbFs7JbQZOLeA3jrf7CYaQz
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfbFs7JbQZOLeA3jrf7CYaQz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug011:0:509
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 02 Mar 2022 18:27:53 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=GfbFs7JbQZOLeA3jrf7CYaQz
strict-transport-security
max-age=0; includeSubDomains;
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D03A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=11bdb3a8-7e36-4c0b-a3a7-5697f3c353e5-tuct9193ca9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=11bdb3a8-7e36-4c0b-a3a7-5697f3c353e5-tuct9193ca9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 02 Mar 2022 18:27:53 GMT
via
1.1 varnish
x-served-by
cache-hhn4037-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1646245674.646173,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=11bdb3a8-7e36-4c0b-a3a7-5697f3c353e5-tuct9193ca9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 02 Mar 2022 18:27:53 GMT
via
1.1 varnish
x-served-by
cache-mxp6967-MXP
x-cache
MISS
x-cache-hits
0
x-timer
S1646245674.559031,VS0,VE27
x-vcl-time-ms
27
content-length
0
141
match.deepintent.com/usersync/ Frame 1E47 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 02 Mar 2022 18:27:53 GMT
server
a
bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
um.simpli.fi/ Frame 556C
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame C76C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZzVOtG521NptHz5&gdpr=0&gdpr_consent=
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZzVOtG521NptHz5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 18:27:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug014:0:344
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 02 Mar 2022 18:27:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZzVOtG521NptHz5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B095
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8B1A550DAC42406EAD2920467F619187
1 B
146 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8B1A550DAC42406EAD2920467F619187
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Mar 2022 13:50:37 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug0023:0:331
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 02 Mar 2022 18:27:53 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8B1A550DAC42406EAD2920467F619187
expires
Tue, 01 Mar 2022 18:27:53 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Artemis
aud.pubmatic.com/AdServer/ Frame C317
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&addseg=19,36,42
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame C317
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=46CD38BE-6F1F-4009-A3FA-D14CC5652109&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=46CD38BE-6F1F-4009-A3FA-D14CC5652109&sInitiator=external&gdpr=0&gdpr_consent=
0
0
mw
mwzeom.zeotap.com/ Frame C317 		95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6e5c30631b2b83a0-MXP
access-control-allow-headers
*
content-length
95
match
a.audrte.com/ Frame C317 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame C317
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:53 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:649
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:53 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C317
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8294915491257360866
0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame C317 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.212.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:53 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame C317 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 380A 		148 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12195522&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0ba1c3a9ff58aa3171b5fa1f83a3055b6d0aed71b2da5cb3e1cf2255aabe562d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
148
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 08F7 		148 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98510590&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0ba1c3a9ff58aa3171b5fa1f83a3055b6d0aed71b2da5cb3e1cf2255aabe562d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 18:27:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
148
content-type
text/html; charset=UTF-8
setuid
sync.quantumdex.io/ Frame B83E 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Mar 2022 18:27:53 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c3063e8673755-MXP
ids
idsync.frontend.weborama.fr/ Frame 380A
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=787035825
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
35.201.81.244 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:53 GMT
via
1.1 google
last-modified
Wed, 02 Mar 2022 18:27:53 GMT
server
nginx/1.18.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
date
Wed, 02 Mar 2022 18:27:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ids
idsync.frontend.weborama.fr/ Frame 08F7
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3446059053
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
35.201.81.244 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 18:27:53 GMT
via
1.1 google
last-modified
Wed, 02 Mar 2022 18:27:53 GMT
server
nginx/1.18.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=46CD38BE-6F1F-4009-A3FA-D14CC5652109
date
Wed, 02 Mar 2022 18:27:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
setuid
sync.quantumdex.io/ Frame 3ECF 		43 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Mar 2022 18:27:53 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e5c3063e8683755-MXP

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160120&gdpr=0&gdpr_consent=&us_privacy=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAF4C07EP24AAHksVH03uQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Domain
s.tribalfusion.com
URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a0f94def-a5d4-40a6-b633-792dbdc05d36-003
Domain
um.simpli.fi
URL
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=46CD38BE-6F1F-4009-A3FA-D14CC5652109&addseg=19,36,42
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=46CD38BE-6F1F-4009-A3FA-D14CC5652109&sInitiator=external&gdpr=0&gdpr_consent=
Domain
a.audrte.com
URL
https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=46CD38BE-6F1F-4009-A3FA-D14CC5652109
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8294915491257360866
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| structuredClone object| oncontextlost object| oncontextrestored object| __cfQR object| cookieconsent function| ym boolean| __cfRLUnblockHandlers function| setCookie function| getCookie function| createGeoRestrictionCookie object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime object| _0x6c45 number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule number| nmprd object| t object| e string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| __ZXCONSENT object| _mgIntExchangeNews object| MarketGidInfC1207559 function| MarketGidCContextBlock1207559 function| MarketGidCMainBlock1207559 function| MarketGidCInternalExchangeBlock1207559 function| MarketGidCRejectBlock1207559 function| MarketGidCInternalExchangeLoggerBlock1207559 function| MarketGidCObserverBlock1207559 function| MarketGidCSendDimensionsBlock1207559 function| MarketGidCRtbBlock1207559 function| MarketGidCIframeSizeChangerBlock1207559 function| MarketGidCContentPreviewBlock1207559 function| MarketGidCResponsiveBlock1207559 boolean| mg_loaded_718136_1207559 boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| AdPlayerPro function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Ya object| yaCounter49262191 object| _0x5263 object| $jscomp function| $jscomp$lookupPolyfilledValue number| mrwrk object| MpRd object| ggeac object| google_js_reporting_queue number| zxCheckAbs undefined| google_measure_js_timing object| sas object| apntag object| _ADAGIO object| onClickExcludes function| mgReject1207559 function| mgLoadAds1207559 function| MarketGidCReject1207559 function| MarketGidLoadGoods1207559 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint718136 string| _mgPvid boolean| _mgPageView718136 boolean| i.js.loaded boolean| i-noref.js.loaded object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| _mgwcapping boolean| _mgPageImp718136 object| google_image_requests

88 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: WoN9Tg4vArDA_wAFrCHaiPlCBKNxyccEKiLlqNZhREo-1646245665-0-AXCtc4dzyaQdB/9KTVbObhEeN+PI9PFT5O7kbX9LsEKz+mdQasGnzpobE8Ul0mU7ZVzcz9j3J/RveZSWabM1p88=
pt.vermin-club.org/ Name: __oagr
Value: true
pt.vermin-club.org/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.vermin-club.org/ Name: _ym_uid
Value: 1646245666552382739
.vermin-club.org/ Name: _ym_d
Value: 1646245666
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3841508224fake
.vermin-club.org/ Name: _ym_isad
Value: 2
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 278104525fake
.quantumdex.io/ Name: uid
Value: b7d2a494-b93d-4594-983d-26b945e29b91
.yandex.com/ Name: yandexuid
Value: 4413554421646245666
.yandex.com/ Name: yuidss
Value: 4413554421646245666
mc.yandex.com/ Name: yabs-sid
Value: 1437557741646245666
.yandex.com/ Name: i
Value: CSJP+n42o6ZBGAg6ooQDn2HKqoVz48fgX1cwKBUWposLwqTkarWh53fFMzV9Z1F2Gz47JcZnRd92NKyLXMe0zoHiBGQ=
.yandex.com/ Name: ymex
Value: 1677781666.yrts.1646245666#1677781666.yrtsi.1646245666
prebid.a-mo.net/ Name: __amc
Value: 1_1646245666_1646245666
servicer.mgid.com/ Name: __mglb
Value: f093cb96f37842cf40d0daae92270708
.mgid.com/ Name: muidn
Value: m22KLe2meora
pt.vermin-club.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1207559%22%3A%7B%22page%22%3A1%2C%22time%22%3A1646245666864%7D%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUnso1aN6SoEiSoqURlRm2NuJfAQHau2Kwwe-GmG7a9NhqNXR2MicLyto_Ft
.adnxs.com/ Name: uuid2
Value: 8294915491257360866
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?ihNSA@!]tbPl1M>e)ZlrFUfJ+tGXxp$MrtKoAhXBXPQ?!'bR>7xFZb)[c?2eTx!JxE3If)y3KL9D3I?+f3h*8z
.casalemedia.com/ Name: CMPS
Value: 5199
.casalemedia.com/ Name: CMID
Value: Yh.3I7VlC8V.UrxmdB3VAgAA
.casalemedia.com/ Name: CMPRO
Value: 1149
.vermin-club.org/ Name: __gads
Value: ID=32e0aaae4a775a41:T=1646245667:S=ALNI_MZJ-vb3om4Y3BGcbeG5tUZy0W00GA
.ads.pubmatic.com/ Name: KCCH
Value: YES
pt.vermin-club.org/ Name: cto_bundle
Value: u0Zst19KbGhEYWVQc2pSbUVTaTZwJTJCYVNzaDA0bXhVWE5LV2olMkZxVm5KbUlsMWtVJTJGZTRPV1RqTURnTjNWQjZBU3Y0VDBldjFqNEQlMkYxZTl2WVBkUE02RHE2aHpMbU1qZDNBM3RScEVXYiUyQndvd1RkM1pUc1BiYjdsaWIya1U2ZGhFN1VTTUs
pt.vermin-club.org/ Name: cto_bidid
Value: w3bKQl96a25KWXNXWXljM1Q4ekZTR0JFSzNDcDl0diUyQnVuJTJGSyUyRnh0bnFIU0xMQ3M5NWJoYWd6UTVSb0RqZ2NYbyUyQmlkMDUlMkZJSmp5TFRNZGdtaEg3REVEVHRsYXclM0QlM0Q
.advertising.com/ Name: APID
Value: UP778bad00-9a56-11ec-9060-02fd1e388e70
.yahoo.com/ Name: A3
Value: d=AQABBCa3H2ICEOH_xcAAz1Tp7jsNR9UgkF0FEgEBAQEIIWIpYgAAAAAA_eMAAA&S=AQAAAppYTKnkxcsGLtoGSirz1Js
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.sharethrough.com/ Name: stx_user_id
Value: 3ab9e0fe-a70e-496a-928a-856310c33327
.owneriq.net/ Name: si
Value: Q6995320701087191300
.owneriq.net/ Name: p2
Value: cc
.turn.com/ Name: uid
Value: 3373112829131155851
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 50ae19af-5ab2-533d-989e-629dfa81d5bb
.bidr.io/ Name: bito
Value: AAF4C07EP24AAHksVH03uQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.disqus.com/ Name: zeta-ssp-user-id
Value: 46a2fbf6-bf8e-f7f9-e5dc-9baea9de7325
.betweendigital.com/ Name: ut
Value: Yh-3JgANH2D3gj3Dx2xwmFUFJt_SJAlF7SN4wQ==
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 46CD38BE-6F1F-4009-A3FA-D14CC5652109
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160120:2
.pubmatic.com/ Name: DPSync3
Value: 1647388800%3A197_219_201%7C1646265600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1647043200%3A63%7C1647388800%3A233_13_56_8_71_220_7_3_22_81_234_21_161_54%7C1648771200%3A203%7C1646784000%3A2_223_15%7C1647475200%3A35
.analytics.yahoo.com/ Name: IDSYNC
Value: "192x~23j6:18z8~23j6"
.quantserve.com/ Name: d
Value: EK0BCwHIJfijAA
.quantserve.com/ Name: mc
Value: 621fb726-ed14c-f5635-68d1a
.adsrvr.org/ Name: TDID
Value: 9f184b98-2279-4258-a3ce-33a29ca54634
.eqads.com/ Name: EQUser
Value: UID=a9506e5b-4ed0-4200-9592-b50b55d0155c
.bidswitch.net/ Name: tuuid
Value: 46be2ef1-7717-44e9-aee0-30fbd8c02846
.bidswitch.net/ Name: c
Value: 1646245670
.adfarm1.adition.com/ Name: UserID1
Value: 7070571313856510091
.mathtag.com/ Name: uuid
Value: 7ab4621f-b726-4200-8db6-5509135c74ab
.onaudience.com/ Name: cookie
Value: 0d7eb5aa2f623bb1
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: c8530017-bbad-44a9-805e-f07fe6c8dd71.415459670
.bidswitch.net/ Name: tuuid_lu
Value: 1646245671
.de17a.com/ Name: guid2
Value: 1.2297747156708033810
.adform.net/ Name: uid
Value: 7467543383707240491
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiwsaLFjKG-OhAFGAEgASgCMgsIgvm78qKhvjoQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects104
Value: 1
.simpli.fi/ Name: suid
Value: 8B1A550DAC42406EAD2920467F619187
.casalemedia.com/ Name: CMST
Value: Yh+3I2IftycA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8294915491257360866&KRTB&23339-8294915491257360866
.pubmatic.com/ Name: PugT
Value: 1646245671
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2297747156708033810
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJIKffqULTACEPOTQrBzz1c&KRTB&16514-CAESEJIKffqULTACEPOTQrBzz1c&KRTB&23025-CAESEJIKffqULTACEPOTQrBzz1c
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv&KRTB&19420-mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv&KRTB&22979-mqx4gc6pe9GB-y3WmP1kgZmoetKBqHGDnf9Edzyv
.casalemedia.com/ Name: CMRUM3
Value: 04621fb72627603373112829131155851&2d621fb7232760CAESEB8pLdLc_05-2TMTDAQRhM8&da621fb7262760&1f621fb72605a00&28621fb7272760a9506e5b-4ed0-4200-9592-b50b55d0155c&e6621fb7262760&f1621fb72605a0&49621fb72605a0&82621fb7262760AAF4C07EP24AAHksVH03uQ&c3621fb7272760av-f485b240-ca98-47de-a4db-a071a609c9df&27621fb7260b40
.adhigh.net/ Name: gi_u
Value: usYvP4pDTNRZ.AikABlF_S-Nw7g
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.adhigh.net/ Name: bsw_sync
Value: jxf
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: e2dda741-c268-4b31-6a3c-c229314f67a7
.zeotap.com/ Name: zsc
Value: %C6%CB%DE%C0%CD%19%D7%14%B9%19%F6G%7F%07%F0%E4%85%5Bl%F8%B4%A0%CA%88%FF%5BW%94%EC%1C%C4q+p%AAB%96%E5%0Bf%3A%83-O5%E5%AB%0B%91%80%87%EE%2C%F8w%83%0F%98%A6gx%92%E3c%F5.%AA%1Fr%B4%84%40e%93B%21%CC%E8v%DE%5B%8B%02
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0ac4307e-b349-49db-4ca6-ce62054ba1de.4weLk9icATotBNrhC1OSmGVmmWqBN5Cm4%2FUOGifXpHE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACsQwfrNJSdtMps5iBUuh3tlAlwU.kGho2pPOs7j7mCisn8IsbAhCmVSmMGseC2qey8Kt%2B6I

4 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9565.YNPBQptkZcDmmp8pBPtQUwjabTmtEVrpsmlmcEotRTmYact7M-iZlb0TzhlIddfbyCaCgbM7NtEQs2_ghn3_tw%2C%2C.NfmnID8CF_SUZt7AD8lJYVfeCC0%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32b8daa2ae4e982e73e2a6ea0bd63dc3.safeframe.googlesyndication.com
a.audrte.com
a.vermin-club.org
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
c.mgid.com
c1.adform.net
cdn.connectad.io
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.connectad.io
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jsc.mgid.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mc.yandex.com
mc.yandex.ru
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pt.vermin-club.org
pubmatic-match.dotomi.com
px.adhigh.net
px.owneriq.net
rtb.gumgum.com
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
site2text-2021.web.app
spl.zeotap.com
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
static.adsafeprotected.com
std.wpcdn.pl
storage.googleapis.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
vermin-club.org
web.hb.ad.cpe.dotomi.com
www.google.com
www.googletagservices.com
x.bidswitch.net
a.audrte.com
aud.pubmatic.com
bh.contextweb.com
hbopenbid.pubmatic.com
s.tribalfusion.com
simage2.pubmatic.com
simage4.pubmatic.com
sync.go.sonobi.com
sync.ipredictive.com
uipglob.semasio.net
um.simpli.fi
104.19.132.78
104.19.136.78
104.89.28.165
104.89.45.32
141.94.170.77
142.250.184.226
142.250.186.66
142.250.186.98
147.75.38.124
15.197.193.217
151.101.1.195
151.101.130.49
151.101.193.108
151.101.193.44
159.65.196.12
169.50.137.182
178.250.0.157
178.250.0.163
18.156.0.31
18.184.26.136
18.194.159.8
184.87.213.8
185.184.8.65
185.29.132.241
185.33.221.53
185.33.221.90
185.64.189.110
185.64.190.78
185.64.190.80
195.5.165.20
198.47.127.20
2.18.233.180
2001:678:cb4:bbbb::11
212.77.98.32
212.77.99.29
213.155.156.183
213.19.147.45
216.52.2.39
23.88.75.189
2600:9000:2156:3200:1b:5138:8a40:93a1
2600:9000:2156:ae00:11:a4de:2580:93a1
2600:9000:224a:c200:8:48e:53c0:93a1
2600:9000:2315:6c00:6:b871:4f00:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:2460
2606:4700:10::ac43:8ae
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:3032::6815:3503
2606:4700::6810:125e
2606:4700::6810:5514
2620:0:890::100
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2006
2a00:1450:4001:802::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:827::2010
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a02:2638::1c
2a02:6b8::1:119
2a02:fa8:8806:16::1370
2a02:fa8:8806:20::2100
2a04:4e42:400::300
2a05:d018:d29:3602:8032:ea84:336c:262b
3.231.111.247
34.240.134.29
34.242.212.194
35.156.177.8
35.158.245.151
35.201.81.244
35.227.208.19
35.244.159.8
37.157.3.29
37.157.4.29
38.91.45.7
5.161.47.120
51.38.120.206
52.1.164.170
52.204.231.109
52.209.195.4
52.212.39.74
52.30.14.23
52.44.238.197
52.46.130.91
52.71.187.127
54.36.109.183
64.202.112.127
66.155.71.150
72.251.241.196
85.114.159.93
91.207.59.213
94.23.73.243
96.46.186.59
053dc78fc29e170b59accdb45f5337bde93389aca1cc9762881ce6e75082c3c5
05c5d3bbc9041d23b57f388c123d1c548e64193bc637bee0f2c533a790fa5d18
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba1c3a9ff58aa3171b5fa1f83a3055b6d0aed71b2da5cb3e1cf2255aabe562d
0e85a31cb7588db1e0d86283166153648ce68d996aa47523f0a75429aa385516
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19bad32e8551246b5cf0ec00d5d1c32fadedabcf7283a0b30c5aa6188b1868cb
1c0d315a355c315908f0a256fc58318021dfb8be992960d9d5317d2531d44e4a
1cbfa8f1fa958989e6c0910a10ccff91d31bf6209d300176dae4fc7d4a9cf7c7
1ec8660120360dee15aa257d9ff6e5d30e4eec2e9cc5b9f69b275b4226fef871
1f404d500627b3287ae4a89dc9e31c0291a0ba4cc28371fd647e41b195f8afe8
208c5e430e33bb295af95e678eea870042201f0cff4ce85654eab222336357c1
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
241cf4053ed4f3711959e2e222e27268de0fcaa5ad69cf5054543dfa53f57d22
24e37651deda071f810983d095e9159f49d123dded30d81cdd5cccc0e8055f72
272dfdf608f1f8967b383b78154327471ebe20234a219939f54ca390d40e145e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2934b58d9531b9a4d3955cd7beed46e40e7f4485bb34d1171fd33dd83f18f805
2a0ebad63f72a76eef81489ff5a91460a375240977a35f6f6bb93f1bf1bb5f7d
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2c9206700a231a32e3d46b5d95237c88b2d7c063721b29de8dc557bdcfe93059
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31131544d46468158266c1e49e72d94c76ba97dc191e3aab9bc321d13e223713
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33b83e122012e483cdc56c5be150a7d45fa0cc3224222125afc7757938a1d754
367dd665f9afbfccfc1f77a26ca2684fa5e4023fd86735f8182580a1b492be8a
3681a5d910d1a1dd3cad2dabccb1942c34eb31ae8327dc92e45e28528c569066
36a368ba7810253a11eb30199fb05fe6c11a7ac87dbbcc5a546541807ac43f03
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37d742cb539fd632ae327cdf25ca452b3d3ae5492c00cdd41a8afe1fb5f59810
383f95a75b02bb1370e93c9c3c6b9f060a98dbe492b16d8e1da3f653a800e435
3b47b0822eca0f063d9761994afcb069eb121b3b33f472ae5c47ff3f506491c6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
421826ba172a54d9fd676a0a6ec9d635c3f2210aba81b270d1505c8c653ae4ff
4286da091b204ca52bb76d97556d3cd69edb29f6c507e4b094708fd35e65f628
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
4844bd0dd9b6fbbcf54d761c911839947dc63ccdf796238ebb77bf2d9567a5f9
4869d34286cf7e51f09f762190d338474a1489c7afa78a873b6eb05eba5cad0b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c9c7bd67507aff00d091810e9e9014b43e5f1e138d4c02558db85ab70d0b27
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4d91b409fe56a5f77312fc52547d996b300c58cfdc216a1963e057e21394dd9d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b370786b2c9b823d1f51eaa0baa17d718627561f7bea97bcd01b39547ac1e9
58915e6ba1cdb3cd8d91a52442621e1eb73cc05aa8f3c30ac2168e01c2321496
5edee81a3075d220de89cf3dd4990f261468de3264c6c96f579b21d012ff7c63
5eed8af1320fddb7e185ca372f0c96333140ed15e5ec9617c861d832d4757649
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fdd9773295183d22f04c1d44a02df8e39493c1d7f4352219d08c9aa27de417
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bbd93b450d8df37e4931202917952ae76ebad2ccea40865c0992d024dc1ccf3
6d75c407d160a96010327243698e453ffbc5e2e6aa6d37a80cb8057457210902
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7a1e30f1bc06b771318233a41c45114a00485c8ae2f744ff2cad69863d04281b
7d3f27a3972d1254d23f3464dcedc6f1a1dc3a3e5439322bf715996c20f05edc
7e6651fffda98208e6855973b91f755b8e410bbfce9c1e8019ce554527e533b7
813dc300b281d78f7340d588f6f441e2a38283077f2c06c9c136d767b5ff2af6
819748aea478c2f8f70e789c68753ee7d1b3a52896eda533007f2a163f2e259f
81c57d1f7c6d5e5291231d03a9d5c6fd7b8f496fd7d0648596bff685a7f74f5b
8249e6e6aab05d209185d72bf727e5220b1f067681e62678fb5d81d372696f65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8367e5ca21af3ca77e1b60baf5f8c446b4498fb143d1bd2238a73de185a91821
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8c6e60c44e2e29d40a94d2843b8dd17b89af0a5767802c154fc0d257be4cf42f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9256343b432573ca02984acc2d9093268f49e9fe20f09da83eb9ed03ec19f0c0
93dbba9a02085659c8c7261b8a5a39a75a42d460bdacdbfb948dc4e6991b2d2a
959aee25eab75a97e08dca93b6e55666cfecda326ba941a7e947202bc348484f
985f2302220a754d88db894391711dbc1e9ff6727ee5ccacf94a5afbc65189e3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b6693d257f27bf81d22a76d3e2f1ac3c15a1046961a54ea216516a257ff110f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1521f83cdc8166cb593ec0f360fc007120d5904bd4c9990d625891fe049ea50
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77688f0439c222940202061d4ce6e00bcfd7974c57b8aae587de5354ba27732
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
ad3568e2108c0abf3ad1c05c629be3ea7c5a8a2dfcda139514224783ae5bbda2
ae654bb00dfb7658439a213abaed4c4360c39709687b4372a148338ebadd8839
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f99f367f8704c0c91ecaed76bc0868d0fcd9fe6a6e779ca1687a2a59ecaf79
b51609a8fc4e12782b6e4c093dc59cba3c1c9ae9bb3381ce407a565f9348613f
b56844afb93461d6fe95b0119ea0f6c6d21bb146bf152e3185a8e8ab6481fc6e
b69e331b79759fb1c0b61205e2704e6228d1952b681cdddc8e808b7e884e3af9
b7635b7386258ed1912e5980dca86825ca530db46f39c29c1b9fe2e2131f5788
b7ef9e6359708b2c0d0ff0782f1e05d8103ee6150b9c978157dce258cb7e95d8
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bbcbb6bbbc30bc9f7ce2e21e30b94d99d485f6aff4f4d0e23d3eeca215991e6b
bd1921065dc2b974eeba17a2617c121528af4dcab92c688db4d249f4aeca802a
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a588f65cb699444392b9183c6ea5304f61f3a9c8c91dfc83b7abbd7d79de85
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c3e8146a8ce9363aca840c573afe77f382a578b5aa1a4b9eacb9dab4e8832635
c5c49768a0cb2abe8f27e94deb8300459def300188a36aa55ae20afae9f271a8
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c9816cc14682b7b8fb965b5220593505dd1ff34dcfdb948a36008c48c325a0b1
c994d197ae60fc8b6d0650e1020c7186d0104cb2e7968ced5fb5b046eba41abe
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06b21ffde792d5820d85d667c466761f2d11eb0c24de8d2ee686bda13cf3ef6
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2683f94ce8822ebc0d92d7c16c84ac4cddfb20b7c483cb4800e34fa16b47190
d457191b7d4df9881e56049184e4ace3f8f4dcc6ead7d4d2257c5cb0dab8f66d
d7ca3e7ab9349be85f6dec597eef84d52fec3bc3ea0f5d42c8beca1b3e9c93f6
dad2d9315a8b46cd1f451c974d866158f97bd50d6104c2465b0bc397ef1981c0
db147d3ba0dcc31af1ef87df2d1f8563e72236bbf8bd2f6ff6b338505f882507
e16dbb8345e55400e35805c68815ae8697b1ce296c715a2546610d569651a107
e1715553a4bc415043f4f7ed6a97f30053378c84c67f503a60ed2ef60d7640b5
e372117e4b3648f815534f3911d6536a6fd881bbf073d469a9e78dea5e6bb66c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bca94e170f6205d89140132c4e2c685cec1a035cf00bdfe8454fc9fea90b3b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb17a933f0977509c796b9055e3c140746326ecd3ec343dfa3614e8bdb1ac2f5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a6ad157feede3b3ecaf7cb3ee10d95f143c3ee89d8f5cf8d4bb215864acb8c
f2b0f934c75611fe25d683678c7f60d8424e31bd95eb8638a84e4ff08b712eac
f482758b972d3c0ab780ef851221e57609b835ff075dece43fb00a6c984c23a3
f8226c4a493e7940c8fb7760cd0b68656bd25557379cbb42bb8f395a51b478a6
fc11db31deea54a86d65865664141abb6a2ea357a1b682f5b3084f4de08183ff