www.tracking.my Open in urlscan Pro
52.221.161.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tracking.my/
Effective URL:
https://www.tracking.my/
Submission Tags: tranco_l324
Submission: On November 07 via api (November 7th 2021, 6:10:11 am UTC) from DE — Scanned from DE

Summary HTTP 214 Redirects Behaviour Indicators

Summary

This website contacted 73 IPs in 10 countries across 65 domains to perform 214 HTTP transactions. The main IP is 52.221.161.67, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.tracking.my.
TLS certificate: Issued by R3 on November 2nd 2021. Valid for: 3 months.

This is the only time www.tracking.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.221.161.67 52.221.161.67	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:303... 2606:4700:3031::ac43:b7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	3.124.87.92 3.124.87.92	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.156.230.193 35.156.230.193	16509 (AMAZON-02) (AMAZON-02)
6 11	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	63.32.190.233 63.32.190.233	16509 (AMAZON-02) (AMAZON-02)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	18.66.97.105 18.66.97.105	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3 19	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.176.85 3.123.176.85	16509 (AMAZON-02) (AMAZON-02)
6	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
2 2	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
4 5	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
5 7	3.120.56.129 3.120.56.129	16509 (AMAZON-02) (AMAZON-02)
3 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
10 14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 3	2a05:d018:d29... 2a05:d018:d29:3601:df82:91d9:7297:1e70	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
24	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.203.131.238 18.203.131.238	16509 (AMAZON-02) (AMAZON-02)
4	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
2 2	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
2	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1 1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	116.203.138.1 116.203.138.1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
5 6	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
4	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.215.101.139 52.215.101.139	16509 (AMAZON-02) (AMAZON-02)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6 6	52.49.53.128 52.49.53.128	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	35.156.135.60 35.156.135.60	16509 (AMAZON-02) (AMAZON-02)
1 1	51.255.68.171 51.255.68.171	16276 (OVH) (OVH)
1 6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	3.70.38.61 3.70.38.61	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.51.235.245 52.51.235.245	16509 (AMAZON-02) (AMAZON-02)
1 2	18.213.10.151 18.213.10.151	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.81 185.64.190.81	() ()
214	73

2 52.221.161.67 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-161-67.ap-southeast-1.compute.amazonaws.com

tracking.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tracking.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3031::ac43:b7ba (United States)

ASN13335 (CLOUDFLARENET, US)

mytrackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.87.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.172.45 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.190.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-190-233.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.105 (United States)

ASN16509 (AMAZON-02, US)

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.176.85 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-176-85.eu-central-1.compute.amazonaws.com

aws-fr.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.106.43 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.29 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.120.56.129 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-56-129.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (San Francisco, United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:df82:91d9:7297:1e70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.178.82 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.63.132 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.113.101.132 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.138.1 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.1.138.203.116.clients.your-server.de

captrader-tracking.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.132.241 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.101.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.49.53.128 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

triplelift-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.135.60 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.68.171 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.236 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.70.38.61 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-38-61.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.235.245 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-235-245.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	3lift.com 3 redirects tlx.3lift.com ib.3lift.com eb2.3lift.com	97 KB
24	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	486 KB
23	doubleclick.net 10 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	182 KB
20	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	28 KB
15	adform.net 4 redirects track.adform.net c1.adform.net s1.adform.net	73 KB
12	googlesyndication.com 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	65 KB
12	adnxs.com 6 redirects ib.adnxs.com acdn.adnxs.com	25 KB
12	rubiconproject.com 4 redirects fastlane.rubiconproject.com s.update.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	27 KB
10	bidswitch.net 8 redirects aws-fr.bidswitch.net aws-fr-sync.bidswitch.net x.bidswitch.net	5 KB
9	criteo.com 3 redirects bidder.criteo.com gum.criteo.com mug.criteo.com dis.criteo.com	8 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	9 KB
9	openx.net adasia-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
8	mytrackcdn.com mytrackcdn.com	620 KB
6	bidr.io 6 redirects match.prod.bidr.io	3 KB
6	mathtag.com 5 redirects sync.mathtag.com	3 KB
6	adsrvr.org 3 redirects match.adsrvr.org	3 KB
5	webgains.io analytics.webgains.io api.webgains.io	51 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	3 KB
4	webgains.com track.webgains.com	115 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	o2online.de 2 redirects partner.o2online.de portal.o2online.de	4 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
4	google.com www.google.com adservice.google.com	2 KB
4	facebook.net connect.facebook.net	192 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net	2 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de	836 B
3	smartadserver.com prg.smartadserver.com rtb-csync.smartadserver.com	1 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	894 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	883 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	quantserve.com 2 redirects pixel.quantserve.com	940 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	54 KB
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	facebook.com www.facebook.com	414 B
2	4dex.io script.4dex.io	23 KB
2	unrulymedia.com targeting.unrulymedia.com	171 B
2	google.de www.google.de adservice.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	anymind360.com anymind360.com	164 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	tracking.my 1 redirects tracking.my www.tracking.my	6 KB
1	adroll.com 1 redirects d.adroll.com	112 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com	322 B
1	simpli.fi um.simpli.fi	616 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	nrich.ai 1 redirects dsp.nrich.ai	486 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	284 B
1	dotomi.com triplelift-match.dotomi.com	104 B
1	brealtime.com biddr.brealtime.com	1 KB
1	rlcdn.com id.rlcdn.com	417 B
1	captrader-tracking.de captrader-tracking.de
1	awin1.com 1 redirects www.awin1.com	621 B
1	turn.com 1 redirects ad.turn.com	412 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	593 B
1	linkedin.com px.ads.linkedin.com	596 B
1	smaato.net prebid.ad.smaato.net	342 B
1	emxdgt.com hb.emxdgt.com	160 B
1	gstatic.com fonts.gstatic.com	44 KB
214	65

	Domain	Requested by
19	eb2.3lift.com	3 redirects www.tracking.my ib.3lift.com eb2.3lift.com anymind360.com
14	cm.g.doubleclick.net	10 redirects eb2.3lift.com eu-u.openx.net
12	assets.ad4m.at	as.ad4m.at
11	ib.adnxs.com	6 redirects anymind360.com eb2.3lift.com acdn.adnxs.com
8	ad4m.at	s1.adform.net ad4m.at
8	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net www.tracking.my www.googletagservices.com
8	mytrackcdn.com	www.tracking.my mytrackcdn.com
7	simage2.pubmatic.com	ads.pubmatic.com
7	x.bidswitch.net	5 redirects eb2.3lift.com
6	image2.pubmatic.com	1 redirects ads.pubmatic.com
6	match.prod.bidr.io	6 redirects
6	sync.mathtag.com	5 redirects
6	match.adsrvr.org	3 redirects eb2.3lift.com eu-u.openx.net ssum-sec.casalemedia.com
6	track.adform.net	www.tracking.my s1.adform.net 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com um2.eqads.com
5	eu-u.openx.net	anymind360.com eu-u.openx.net
5	c1.adform.net	4 redirects ads.pubmatic.com
4	api.webgains.io	analytics.webgains.io
4	gum.criteo.com	2 redirects static.criteo.net
4	track.webgains.com	as.ad4m.at
4	sync-tm.everesttech.net	4 redirects
4	token.rubiconproject.com	4 redirects
4	as.ad4m.at	ad4m.at as.ad4m.at
4	eus.rubiconproject.com	7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com eus.rubiconproject.com anymind360.com
4	s1.adform.net	aws-fr.bidswitch.net s1.adform.net track.adform.net
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
4	ib.3lift.com	anymind360.com ib.3lift.com www.tracking.my
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	connect.facebook.net	www.tracking.my connect.facebook.net
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	us-u.openx.net	eu-u.openx.net
3	mug.criteo.com
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
3	tlx.3lift.com	anymind360.com www.tracking.my
3	www.google.com	www.tracking.my tpc.googlesyndication.com 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	pixel.quantserve.com	2 redirects
2	pm.w55c.net	2 redirects
2	js-sec.indexww.com	anymind360.com ssum-sec.casalemedia.com
2	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	static.criteo.net	anymind360.com static.criteo.net
2	pixel.rubiconproject.com
2	portal.o2online.de	as.ad4m.at
2	partner.o2online.de	2 redirects
2	aws-fr-sync.bidswitch.net	2 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
2	www.facebook.com	www.tracking.my
2	7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prg.smartadserver.com	anymind360.com
2	script.4dex.io	anymind360.com script.4dex.io
2	targeting.unrulymedia.com	anymind360.com
2	www.google-analytics.com	www.tracking.my www.google-analytics.com
2	anymind360.com	www.tracking.my anymind360.com
2	fonts.googleapis.com	www.tracking.my 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	d.adroll.com	1 redirects
1	sonata-notifications.taptapnetworks.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	eu-u.openx.net
1	dsp.nrich.ai	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	triplelift-match.dotomi.com	eb2.3lift.com
1	biddr.brealtime.com	anymind360.com
1	acdn.adnxs.com	anymind360.com
1	analytics.webgains.io	track.webgains.com
1	ads.yahoo.com
1	id.rlcdn.com
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	captrader-tracking.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	s.update.rubiconproject.com	7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	aws-fr.bidswitch.net	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bidder.criteo.com	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	prebid.ad.smaato.net	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	hb.emxdgt.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	www.google.de	www.tracking.my
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.tracking.my
1	tracking.my	1 redirects
214	105

This site contains no links.

Subject Issuer	Validity	Valid
tracking.my R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
anymind360.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
update.rubiconproject.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.tracking.my/
Frame ID: FFD80F1870FDAB192F096BAECCE702DE
Requests: 55 HTTP requests in this frame

Frame: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D944EA1E6DAF202B47A4A2077DB6E5F8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWQ4bXUO1ZWwGyBjV5wRffx3o-626OvIwKC16fvoPQmfMoIQvFUARBQtCH1cFkrFBxg_qcBB6q4pRkr4wpzCM8tyupZwMrN6uS2sLW7v_18bMNUlxPeeQLmrmYRhrqHrlJUm_74lwVS6eGAyX1obeBfIgAtsHEcQr9Zk6xivbqV76o6LmTmlFr0OFzN9k_ZgZnqNCcZ3krVrbBIZ9nx-BFpao8ZTEOhGPmEREpFqUtz6-yFLIcHAjPz3d1V35GmovrFiy1dDwlYs1ZmQkMBc9m5BhfHLTCfbyGGqWqlVUUqjscOhHXG8dLdIHw4w2roUq7uzfF4vzl69scwSGoZRdxrpx5UN_KM2Ytic4aL-O8wlbUWgCLy-UIlqCroWMxmiVqTKNZcRD2kw&sai=AMfl-YQHVSvFqQsb5kM2nV1dtOITu5cNlmmUbj7mwW4GDWYdMuw9ktI8WPpMGa1fh9R09qGHRxGvxUfWsj7pmigLd8uWmrD_LTwdATMqNe4_0l5GBH3pUe9n8TGXTd6CfyLE&sig=Cg0ArKJSzCnB5bdjg_gKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7B68AB4757C951744C7CC96728A4BB4A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 451985BDC8F85974A03A33179775E2C5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30E491BB9BC3604E0627EFE209EE7D25
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: F8F3658DE72FEF36509CE141A5863425
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=38689783;rtbwp=0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0;rtbdata=VpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2;OOBClickTrack=
Frame ID: 07948F4523FB6D10B1BB765A91C4A443
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Frame ID: 3CE96FC44A756666157C330D7CFAEA1B
Requests: 11 HTTP requests in this frame

Frame: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1E3E927EA384833960681BE78427F426
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0E1BAE83061E46F2D9010177008DD027
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=31340181;rtbwp=F623712332697083;rtbdata=tTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/e57fe61d-e6de-490d-b23e-709f70e4f038/
Frame ID: 2858D01108FD3F61F1E0D22CB5443DAC
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Frame ID: 0B8619F674E8B92B5B7F5FD2D055E8D3
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 53988DEB45614910C6C83027812D72F2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: C5E8FF22274DC9B5156888775C58D731
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: AE767B37CA07DE1D9568A753D37E4F3A
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tracking.my
Frame ID: 368F9D6399787AC112313AB93E66ADCC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A6087DEF7D5284E9C0B231F36DAFCE82
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Frame ID: 19FF263C74BA6E832ECA2D1162E4FB81
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: DBC9FEBB9278D72E7F8FFA5DE7AE2F9C
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3F103683A94B3682A6F88817514801B6
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 9AECF6948A50DE1CA7CEFFAD66B29380
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3562387DF8669664F616A12B72C1A2EF
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7EE137298949DF6D9E2C10326697DA0D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E6D6ADA8196D19EC440234816769B9E2
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=62EA51E1-8332-4C29-A3B5-4A35C576EC0C
Frame ID: 8F17808DC4EC49D8C078AB039397B328
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8523215248887648817
Frame ID: FA4376836A7C25C9C9C2BE72FAEFEF47
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 8E0C608811D58C7781FDFF75F54912B6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7027706419234207891
Frame ID: C02B46B744ACC445411F6036317585D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYdtvwAAAPWcHABG&gdpr=0&gdpr_consent=
Frame ID: 1690795A2B43558273CA3C102ECCD988
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 8FCA9154E0EE27309D11C08C269C88DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track your parcel - Malaysia's Largest Shipment Tracking Platform - Tracking.my

Page URL History Show full URLs

http://tracking.my/ HTTP 301
https://www.tracking.my/ Page URL

Page Statistics

214
Requests

75 %
HTTPS

29 %
IPv6

65
Domains

105
Subdomains

73
IPs

10
Countries

2369 kB
Transfer

4932 kB
Size

102
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tracking.my/ HTTP 301
https://www.tracking.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://aws-fr.bidswitch.net/imp/0.027/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R38689783_Qrtbwp_R_I_WAUCTION__PRICE_X-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0_Qrtbdata_RVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03__aSIkyaYRdaC5s3IdfbojnNZZ6HAE__FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/KVgvquRIvpodFv9S6qFjjlvksD-Q8xTr6XYVoupPywasLZ6Itz0m1dnVPm7zLNtnXqjjwRO7lIplb_ybdLuMtf0Xq3TWIW-qnX7IjqV-vMsTA8zaQrcUHoMAUpWoqgyO0hC2Hts1MpTNT9G90qcgFt7hTps3WQuPpjpqEV-7LNmfv8PEO3MJ20VjuZJKIqeMkyOfCiSdr_3bk0G4TKpYRnWBv-VqmDKlE7Ul33ahhPUcJyWHgpZFM8C04ZJTLVTyQFCCGWS_UDI5phUCSQrNeByvCl3sQsOEQsyEpOrvzL0DJlliBG1EtQCzoPjOYva9OElHnbIuiiHRiqkVmZa-PS1qRa3P-juIGemc3ZYQnU4EYpKsF_8o-5RvGaXgKOgk7Tyj8GfK7yAZJ_urdSoy_yd9M9ZuWPAc_ouTg4fB95ZwnUmpBcknqb51lwM0pz6Z5yiVV8iYKHm6oLSWXMyI3a5vgdgWci7zNrScroH_kqZ21V0eTGHXMA7bVsYCPSKAUOXUgDcdj1xFb8RXbJ1bxWiCe6XkV-xGvpN7cBdU4aL5Mal-Ce7jWy2DDiDsXOhcWgWlg-GeYVy_h0pdkmXe9AK2blSHAsi-afFsUAAbtKk_nM-T10_FeHQUVaV5BOek3hm0FnVmoAoF-s9IxpK4Mk3x1GtW5_sFp_kHB1ddGDa691PhcUdJaL4QPqDFC7KYI2-VxnSVhg_mQsRL4F3Y7biFNwUaGR2I1SXoFyMpnbLXpg7grvN_oATb5rguEi_ogkesXuJ8a1tZsF4ty2bjcjxivj7QjMJ9c9D9dM7CNAJyBJ0VJ-A8WdE1vi5QnK2LJx9LDEmrS7N_Od23PvltK_dfyA2LMZvmSsXLYJSFFauNCN67h9n8tAcmUV4J6wTjF_VY4PE/ HTTP 302
https://track.adform.net/adfscript/?bn=38689783;rtbwp=0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0;rtbdata=VpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2;OOBClickTrack=

Request Chain 65

https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=8814327194925069517&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=90c742e9-64af-48d8-a562-b6995f3af959&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 67

https://eb2.3lift.com/sync?max=10&cb=72897 HTTP 302
https://eb2.3lift.com/sync?max=10&cb=72897&ld=1

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHuYEZlj3bOR9lk9dt7tTHo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 72

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjkxODQyNTMxMzY4OTUwNzI5MQ%3D%3D

Request Chain 74

https://pr-bh.ybp.yahoo.com/sync/triplelift/6918425313689507291?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0pypZFxE2oTKVtihY239L9N7pmTQXrMBeGKb9m9dZw--~A&dongle=0883

Request Chain 77

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6918425313689507291 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6918425313689507291&dcc=t

Request Chain 78

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 79

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=3647983957425595953&dongle=d407

Request Chain 113

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021110707100758272252721X117679V1226132702MSoneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&spid=2021110707100758272252721X117679V1226132702MSoneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252721X117679V1226132702MSoneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117679&ratenzahlung=24

Request Chain 116

https://www.awin1.com/cshow.php?s=2163948&v=11795&q=337372&r=412871&pv=1&pref3=oneidYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCroneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://captrader-tracking.de/zanox-captrader-htlp.php

Request Chain 119

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117663

Request Chain 121

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/IKwwVB5I0LXYaup7iKbeIA?csrc=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 122

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODIwNDhhODllYzhlM2FkZjZlM2Y5NjA2N2NjM2I0ZmQzNTczZWNhMw&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 124

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fff4cddb-11c6-4cc3-85c5-fc39393ef461&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30

Request Chain 125

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVOU6BG7-4-2XM&sigv=1&esig=2~25d0a6a94b5d356e130a9aac9b0006e44b343a38&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 127

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=YYdtvwAAAPWcHABG HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYdtvwAAAPWcHABG&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=YYdtvwAAAPWcHABG

Request Chain 128

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZPVTZCRzctNC0yWE0=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Request Chain 132

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&spid=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&wfid=120211 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&wfid=120211&ratenzahlung=24

Request Chain 145

https://gum.criteo.com/sid/json?origin=publishertag&domain=tracking.my&sn=ChromeSyncframe&so=0&topUrl=www.tracking.my&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=BkZR73xWTiszTUd5dDRyZFRaTWFMT2dXNTZiZUkra0lrbWNrNnJ0eVpuQmoyOVpGei9MVGQ2VzJtRkVyUlN4VEpqSTlMK1lpb0F3WXZNTUZvcjhmQXBMSi9NUkxRMDJVYVR3NmdPN3NMLzhucjlqV1hKak5SZnZBSVRJN2pENnZlZCt1QjNQVk9NZVV4aVcyOWY2L240ME9WY05STDc0QzkwanFLQlZSLzI1aG9Fd0lZamVCTmNkZmJ5M0E3S3FIenlpSkdlUW52SVRmeFlnd0JhbnZYeld0UFhPRzRXa2Zrckdkdy9sOGhMbzN6SWxqMk1nbm5WL1h3MHUvLytmRkloRGo2UFVuMFVHMW9ZZFdZenBUTUpwNDI4UT09fA&cppv=2

Request Chain 150

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tracking.my%2F&domain=www.tracking.my&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_wNpt3w4aXRES2NSbTZ0OXdnVjBSWnRsdEE2eDVqOGxUV3orUytvMzR6dkUxcVpIUWM2Z3c3OStEbTNncVprTURGa21idnFvUGZqbHZPVnc3TVpiNGVuQXQ1dWRaV3Q4V3VHT1hIazhFdkg3NWRSY0VOT1dBU0d3MDJPTnFQM0tpOW9LbVFpWkRaMHBnNk9zM3J1RVV4MjBrRXNoTENpb3NCN1FQSHdObmlqNGpQS2hXaXFBaFcrZGZ5NkwxbFpmNkpkT0VVb3hWRFZOOFpIZW8rRkxNUXAzdGdRU1FTQTBzQjJsU09oUVNzbExWMG83cFFDblNMcHhEL2QrUklZVlJwVVVWUkZGQ1JPYm9icjd2d0JLNEowaldGZz09fA&cppv=2

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3690&xuid=d7b26187-6dc0-4100-b71f-1559d17bfa1c&dongle=3995&gdpr=1&gdpr_consent=

Request Chain 163

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3657&xuid=YYdtvwAAAPWcHABG&dongle=3c0a&gdpr=1&gdpr_consent=

Request Chain 164

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=2562834129239918971&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 165

https://eb2.3lift.com/ebda?sync=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjkxODQyNTMxMzY4OTUwNzI5MQ%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=

Request Chain 166

https://match.prod.bidr.io/cookie-sync/trl HTTP 303
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
https://eb2.3lift.com/xuid?mid=7255&xuid=AAC0Uk7DDtwAABTMX-4OeQ&dongle=bzwx

Request Chain 169

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

Request Chain 170

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=579kxRly1MJBnz5

Request Chain 171

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=cacbfa6a-8f3d-4642-89f2-122eee8a15a8&expires=1&user_group=5&ssp=openx&bsw_param=90c742e9-64af-48d8-a562-b6995f3af959 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=90c742e9-64af-48d8-a562-b6995f3af959

Request Chain 172

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2791158708660022454

Request Chain 173

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIemVrN0REdHdBQUJWbXFqODl3QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHzek7DDtwAABVmqj89wA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHzek7DDtwAABVmqj89wA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 174

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d6396187-6dc0-4d00-b8f5-5c15dec24d59

Request Chain 175

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wOHl68C0vu3b4u7uwbTw68Kx5ejb4-S_k7Fu1cT-

Request Chain 176

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8814327194925069517

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBLAxk0AYZwR41OJlCL0-u4&google_cver=1

Request Chain 180

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 183

https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 185

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8523215248887648817

Request Chain 186

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 187

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7027706419234207891

Request Chain 188

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYdtvwAAAPWcHABG&gdpr=0&gdpr_consent=

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YupR4YMyTCmjtUo1xXbsDA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 190

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6396187-6dc0-4d00-b8f5-5c15dec24d59

Request Chain 191

https://pixel.onaudience.com/?partner=214&mapped=62EA51E1-8332-4C29-A3B5-4A35C576EC0C HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=33dd7a0f2b1ff7e709f9565a523d00c9 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=d2259ad2c8680abd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8d683280-0985-4c2b-69c1-3e880538f57f&reqId=5bbc93ab-3b9f-4b10-496e-7d00ce2340ef&zcluid=d2259ad2c8680abd&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESELvPV6Z7Mh7SeShVDXvamR4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8d683280-0985-4c2b-69c1-3e880538f57f&reqId=5bbc93ab-3b9f-4b10-496e-7d00ce2340ef&zcluid=d2259ad2c8680abd&zdid=1332

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjJFQTUxRTEtODMzMi00QzI5LUEzQjUtNEEzNUM1NzZFQzBD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQaffW0tBGlztTUCbswZnI&google_cver=1

Request Chain 195

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=0&gdpr_consent=

Request Chain 196

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fff4cddb-11c6-4cc3-85c5-fc39393ef461

Request Chain 197

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8814327194925069517

Request Chain 198

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2562834129239918971&gdpr=0&gdpr_consent=

Request Chain 199

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XPNm3lymPdhH8G3bXaZz3l6jZt1H8WeKD6OrcwX9

Request Chain 200

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=62EA51E1-8332-4C29-A3B5-4A35C576EC0C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QqMf9jxE2uV8SHzH9YA4h2_UAwqXnm8-~A&gdpr=0&gdpr_consent=

Request Chain 202

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d45ce1b0-2824-486c-b995-2ecaa788a913&bsw_param=90c742e9-64af-48d8-a562-b6995f3af959&expires=10 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKymjeogSA3vDFK6dskxCYs&google_cver=1

Request Chain 204

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB&dcc=t

Request Chain 206

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYdtwQIzpg-PkRSbibgvXAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGHNzDZnp1iioNlp8r8iCWI&google_cver=1&gdpr=1

Request Chain 207

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=1&gdpr_consent=

Request Chain 208

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6895518092026246456&uid=Q6895518092026246456&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 209

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 211

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

214 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tracking.my/
Redirect Chain

http://tracking.my/
https://www.tracking.my/

29 KB
6 KB

715ms
193ms

Document
text/html

52.221.161.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.221.161.67 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-221-161-67.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f4e8826532496c198394709ce716b6bed81d00d64972ed702de16a02648e0d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Sun, 07 Nov 2021 06:10:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 07 Nov 2021 06:10:04 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.tracking.my/
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 200 app.css
mytrackcdn.com/css/ 158 KB
27 KB 85ms
36ms Stylesheet
text/css 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mytrackcdn.com/css/app.css?v=20211028

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

873f4c6584487819caa69177acbfc984416914d2ddd4a0b42b6fafcd38feb7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 05:13:27 GMT
server: cloudflare
etag: W/"60bdaaf7-27679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znNx6E9bnRijJG7ONm58MbGMOpsMiS6YSCmfQ3huyOnqOuJ7XMsFnVMqD%2BKmkZEnixOO5ZLan6dvloa70CpBa5Bywfx6uyF1LsYwyi9k%2Fg2scn7phFdWdXO1%2F7olIiLIgRiwuznn4yWIEWHGfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 6aa4657f38460f6e-MXP

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700:latin

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 06:10:05 GMT
server: ESF
date: Sun, 07 Nov 2021 06:10:05 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 06:10:05 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/1681/ 134 KB
29 KB 334ms
286ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/1681/ats.js

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

645f49314238c929270c8fc3ef37790492def429d465602feccf3d17ee2372ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
age: 84857
x-guploader-uploadid: ADPycdtgOefzHM56U-solyvMenzk6GJ3OeRGyICVPlt2NhknrFyLPcDLIWn3Jqvx67QzqcVP-ydM5NYn-JZCEaBJ2Ps
x-cache: HIT, MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 28738
x-served-by: cache-tyo11953-TYO, cache-mxp6942-MXP
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 06:35:48 GMT
last-modified: Thu, 04 Nov 2021 06:35:45 GMT
server: UploadServer
x-timer: S1636265405.312199,VS0,VE268
etag: "abbb9cb69c790a1b89ac20ba863c5e41"
vary: Accept-Encoding
x-goog-hash: crc32c=jfv6lQ==, md5=q7uctpx5ChuJrCC6hjxeQQ==
x-goog-generation: 1636007745297995
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 28738
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1071, 0

GET
H2 200 logo.png
mytrackcdn.com/img/ 7 KB
8 KB 23ms
23ms Image
image/png 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrackcdn.com/img/logo.png

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bab72d9ab40151420be2a340ede127ffc5678e4160c52885bb79b105ea9b6e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7448
last-modified: Tue, 17 Nov 2020 10:16:29 GMT
server: cloudflare
etag: "5fb3a2fd-1d18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNYbCVfZwOjqeDzKq57WDuBISOfdpaSqOb3lwueB%2BX7fOxQTrbIiV2%2B7SP2qc128i0nBvXH7%2FfFyamsIZckAL6PsHgpjSbZila2eu3rivSLgaVESOtzDJo%2FfAmo355hNyUdbnlsMACOwiBTY4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6aa4657fd8d60f6e-MXP

GET
H2 200 empty.png
mytrackcdn.com/img/ 1001 B
1 KB 21ms
21ms Image
image/png 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrackcdn.com/img/empty.png

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdead1dcc06911463009bc6337cc709e1dea8dde0c8474c01d7df99f2d5c086a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1001
last-modified: Tue, 17 Nov 2020 10:16:28 GMT
server: cloudflare
etag: "5fb3a2fc-3e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaCkq%2BKb3KrVDV7fPY6m0s%2FaWyXyd8Gqicn1phbS8UGeS%2BPQI1Ozx%2BL05x5YOX07ALivrDWFd08%2FdyUGzdXIjyuX0zfQEhaMCI79Yne4G5zqihOw7nrIQBYUs7%2FTOoQRUurIUwCS4OmBorOfDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6aa4657ff8f40f6e-MXP

GET
H2 200 logo_grey.png
mytrackcdn.com/img/ 7 KB
7 KB 29ms
29ms Image
image/png 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrackcdn.com/img/logo_grey.png

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9afe919ee188c99daf62b211b7017ffd2386fbdb64e891778ffa07273f28d9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6874
last-modified: Tue, 17 Nov 2020 10:16:30 GMT
server: cloudflare
etag: "5fb3a2fe-1ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0Qfg0rl0a%2BJ2BPzbcQ0ctz%2F5Ch8PpeZiqo2wZS9gt9BK8viE30W3VSBvaLkDXDeWSf95eobIY%2F0g9RhURYCMaJjOivW0N7wSZfZaVjnz2F%2BaDkDXhauhEsJH0BXceD7ZqxehQ5nYapiJVvkzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6aa46580290a0f6e-MXP

GET
H2 200 app.js Show response
mytrackcdn.com/js/ 383 KB
122 KB 38ms
37ms Script
application/javascript 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mytrackcdn.com/js/app.js?v=20211028

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c3efec234f7b0c788d596222a07f6e677adbcb748246b41b982006690c33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 05:13:27 GMT
server: cloudflare
etag: W/"60bdaaf7-5fcde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wua2xnpiN0HieJ2e8m1iH6tGtPzv5AC6BsUlrGVwq46tGnZiarb440BfcScGci4mhf6mMjNDvuNB%2B%2Ff7aYRUEwSsB%2Bg7YSAak%2FrMQqAGQOkivrTD6mCJx2YlqzSbmZryTMM2SeiCE%2BSmkQoF%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 6aa4657f78770f6e-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 571
date: Sun, 07 Nov 2021 06:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 07 Nov 2021 08:00:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: oLdOAH5oYy9KoWKRovdO1gJQWymu92Agy4ylSK8s7ZvHZatvoTLkLkN+O+A195llBc4uSufsPCmIP/NgY3f9kQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Nov 2021 06:10:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 21ms
21ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1145809211&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tracking.my%2F&ul=en-us&de=UTF-8&dt=Track%20your%20parcel%20-%20Malaysia%27s%20Largest%20Shipment%20Tracking%20Platform%20-%20Tracking.my&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1847372731&gjid=603785747&cid=641196737.1636265406&tid=UA-86954113-1&_gid=2143001694.1636265406&_r=1&_slc=1&z=1200875678

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 103445000522916 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 509ms
508ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/103445000522916?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33b242e8a9ac0bb19f4b7be20f28365a20504d3682fc49d50210f8bb3cf842b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6ykXyOcD6N5MGeRBiWLoIC19D00oFUmke0HamBvKxfaShA6w1obFsIjfj1SBj44T1/A66oI+Kjnhxb6H60MXzw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Nov 2021 06:10:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 65ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-86954113-1&cid=641196737.1636265406&jid=1847372731&gjid=603785747&_gid=2143001694.1636265406&_u=IEBAAEAAAAAAAC~&z=1570926624

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 07 Nov 2021 06:10:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 49ms
21ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1681/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1036 / 899 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 06:10:05 GMT

GET
H2 200 prebid5.js Show response
anymind360.com/js/ 440 KB
136 KB 20ms
20ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/prebid5.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1681/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

df854f0e3738eb9fea50c9dfa4ecaa55f7aebc7520762dce4948df01b4f8fefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
age: 78027
x-guploader-uploadid: ADPycdvMJaNgFuexC9ngPlrNLbYm3DSbbieUHJ5EY07Oy6X892Ll4ef4hFR0zDM3orPFa1JyKpugO58eyWCPt3gGWYrbuAscyg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 138384
x-served-by: cache-tyo11940-TYO, cache-mxp6942-MXP
access-control-allow-origin: *
expires: Sat, 06 Nov 2021 08:29:37 GMT
last-modified: Wed, 20 Oct 2021 08:29:34 GMT
server: UploadServer
x-timer: S1636265406.617381,VS0,VE1
etag: "3dd21cc55d7de877e9912c2826ad0ba7"
vary: Accept-Encoding
x-goog-hash: crc32c=9GGKiQ==, md5=PdIcxV196HfpkSwoJq0Lpw==
x-goog-generation: 1634718574233999
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 138384
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4148, 1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

faf52cb0d020adf5e7eebbe6c7f449b3c767e00aad8ed624f7048873b96c2085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: B9BmR4xYOUU2JucpPRkTmA==
cross-origin-resource-policy: cross-origin
expires: Sun, 07 Nov 2021 06:14:13 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: OgXQ/K97wd5jaIA5QgBxjmKs0D5maDlvhbxczcoX6hT/vGw6wyl8LR3t5XPL5kOQQ6lHXiCfC+wjwOlR9zjmWw==
x-fb-trip-id: 686109401
x-fb-content-md5: 444f82657c2d5b59c86a1f61e2225447
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Nov 2021 06:10:05 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5d0371a88f08c73d4176055de0b93b76"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 banner.jpg
mytrackcdn.com/img/ 74 KB
74 KB 682ms
682ms Image
image/jpeg 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrackcdn.com/img/banner.jpg

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c05630a396acf82a928fab46a79b860312fefa228b658b38ec3d381ce2f3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75462
last-modified: Tue, 17 Nov 2020 10:15:49 GMT
server: cloudflare
etag: "5fb3a2d5-126c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ru2lNMU9ME90xkOJL8aPhDdYrsckQzGUERpshbpdrWOGYrA%2F4rmn8G4kQk4McRrIuEzbZDfvrk3ZE8gt%2FB6NuYCCZ%2BRCfmFMMD0UvL7cL05RCvj3Q6kWWp4UkzvXSfUAcQSKqo1Aox9rQ7PX8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6aa4658119920f6e-MXP

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 51ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700:latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tracking.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 464288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H2 200 loading.gif
mytrackcdn.com/img/ 25 KB
25 KB 22ms
21ms Image
image/gif 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrackcdn.com/img/loading.gif

Requested by

Host: mytrackcdn.com
URL: https://mytrackcdn.com/css/app.css?v=20211028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57b354cc463cf655d7d5fd9b893fd386a4034f18efa57ab9874a3ba020a01ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mytrackcdn.com/css/app.css?v=20211028
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25487
last-modified: Tue, 17 Nov 2020 10:16:29 GMT
server: cloudflare
etag: "5fb3a2fd-638f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZignV986PCb05RZqjqFHKleeDpmkTiF%2BW5sIghW65SVB8l862Dc5hrUw4HYxKm8Zuu2MJ6Ohk3I2AbubdLA7ue6aQgntZMfUCG80G7wmyJCIoJzxHr%2BglF9aiGPBVEtx421r9ulXgHHpTP1CuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6aa46581299d0f6e-MXP

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 67ms
31ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-86954113-1&cid=641196737.1636265406&jid=1847372731&_u=IEBAAEAAAAAAAC~&z=1937654553

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 45ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-86954113-1&cid=641196737.1636265406&jid=1847372731&_u=IEBAAEAAAAAAAC~&z=1937654553

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 couriers.png
mytrackcdn.com/img/ 355 KB
356 KB 23ms
23ms Image
image/png 2606:4700:3031::ac43:b7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytrackcdn.com/img/couriers.png?v=20211028

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b7ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc91c67f997cde853a038f64f4a7aa7023b122f17f6429865e51a389b4a4e4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 363785
last-modified: Thu, 28 Oct 2021 08:49:11 GMT
server: cloudflare
etag: "617a6407-58d09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsOkCnG3bESGrrR9K6fd%2F7WDRFpMx5v3RO8B%2FOXfUEF7efOhxncK0REPhjIKYw7FZ6dvYgTXVm8EuaHPPe1ijTvXkrsK8kMoW4ABBtR%2BRPsocu%2FIrbhCEFlqiBkUcGctC9r9RQijbEmR59tGMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6aa46581aa020f6e-MXP

GET
H2 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 28ms
27ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 06:10:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
100 B 43ms
16ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tracking.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8f959f8157807546f0392196a122486a80b8a3aa0fd658e7343a0bdbb0b3b64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75
x-xss-protection: 0
expires: Sun, 07 Nov 2021 06:10:05 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 266 KB
76 KB 34ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=9623f3db1a32188d82541f38e5833844

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baf73c5430b3bb108310cf94cddaa4a7767f249dda9d583e1fdb601189f7bc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tracking.my/
Origin: https://www.tracking.my
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kXD2QAcv7bKIetX5BTnS5Q==
cross-origin-resource-policy: cross-origin
expires: Mon, 07 Nov 2022 04:58:42 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76607
x-fb-rlafr: 0
x-fb-debug: uSFY9p87WNsfkjWMBVA1YGk45oOW/CllJ1JKL5DUY3vhnNZL9k8kH0QmscoufM9/+HBGvehzY86nXKfdvVv1KA==
x-fb-trip-id: 2050670934
x-fb-content-md5: e02f58d9946c00452a175ee7d93a59ad
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 07 Nov 2021 06:10:05 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0443426d2e43c013daed2c287721c767"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 57ms
12ms Preflight
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.tracking.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Tengine
date: Sun, 07 Nov 2021 06:10:05 GMT
access-control-allow-origin: https://www.tracking.my
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 75ms
27ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721259
x-amz-request-id: txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2: txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified: Mon, 18 Oct 2021 08:01:51 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsJfWSt4wV9bCqYwnvu0l0%2B8EpOsAck%2F3jLlddw6WOwk%2F67eyFGxfwetoCaOFeTUPRfHcxpi3GNKk2PcjsaPSNtkxEjZ89YyCvbQ89HLC1iti8aq1SJxQHjn2vD7E6h74LnrVO%2FC6kMscUVN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1634544111259554
cf-ray: 6aa465824bd6e8ff-MXP

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 57ms
13ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tracking.my
date: Sun, 07 Nov 2021 06:10:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 3 KB
2 KB 84ms
60ms XHR
application/json 3.124.87.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.15.0&referrer=https%3A%2F%2Fwww.tracking.my%2F&tmax=2000

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-87-92.eu-central-1.compute.amazonaws.com

Software

Resource Hash

67fe4b0dae0f7dfc727322e3a4d1634c8cd82f0e771aff72d84680bc0beadc19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2027
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 265 B
1 KB 279ms
231ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=303274&zone_id=1997826&size_id=15&alt_size_ids=2%2C10%2C16%2C55&rp_schain=1.0,1!anymanager.io,1681,1,,,&rf=https%3A%2F%2Fwww.tracking.my%2F&tk_flint=pbjs_lite_v5.15.0&x_source.tid=3ba31ae5-df2e-4a52-9917-0f074638e67d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23827499976262478
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 84f84c2298e6cf293ef60dfae9d4ddee5ee880f623b41582b24b1ffa36fbab41

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tracking.my
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 265
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 113ms
87ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=2000&ts=1636265405763&src=pbjs
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tracking.my
date: Sun, 07 Nov 2021 06:10:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
731 B 30ms
7ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:05 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0df0bfe2-e317-4c0e-9ca5-5eb84c6bc27c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.tracking.my
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
323 B 118ms
18ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
565 B 134ms
34ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b1%3b75
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 173 B
593 B 50ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.tracking.my%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3ba31ae5-df2e-4a52-9917-0f074638e67d&nocache=1636265405766&schain=1.0%2C1!anymanager.io%2C1681%2C1%2C%2C%2C&aus=728x90%2C970x250&divids=ats-insert_ads-3&aucs=&auid=543541789
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 1daaa628711a77f2fce7f9e90ee1e8851bd634765273077a031b6d5baa422361

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tracking.my
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
342 B 125ms
30ms XHR
text/plain 63.32.190.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.32.190.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-190-233.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tracking.my
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Sun, 07 Nov 2021 06:10:05 GMT
X-SMT-SessionId: a553551a-282d-42f3-8c55-0e827143ba69

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
374 B 113ms
87ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=474699&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219920fd31b157f9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.tracking.my%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%221681%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220782922b0dcf5c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474699%22%2C%22sid%22%3A%2222043119725%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2221d4390c7c3f11b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474699%22%2C%22sid%22%3A%2222043119725%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1f27d8ccb531e92edf5961dacec68583cec16fe366ff6d1901436684777fa21f

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tracking.my
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Sun, 07 Nov 2021 06:10:05 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
171 B 42ms
15ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.tracking.my
pragma: no-cache
date: Sun, 07 Nov 2021 06:10:05 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
188 B 61ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.15.0&cb=20415317648
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tracking.my
date: Sun, 07 Nov 2021 06:10:05 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 33ms
18ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721157
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx6b69a7d287064a5bb9bfa-00616d2a13
x-amz-id-2: tx6b69a7d287064a5bb9bfa-00616d2a13
last-modified: Mon, 18 Oct 2021 08:01:50 GMT
server: cloudflare
etag: W/"cae476c264f28e37aca638d685ba55b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QN8tFPi92pYEh8BfA2yA6nEQh60rJWaPI88bMWMy5fJIfpGpuqf7QQaHvrvZ09a7v8bZz3Uo3UFIL3qzt7u3ehVUikGomLjNQdfHk8rJ50tM2CYclCKLzX6E1DrfE21AYSlOXtYeQNOj0vm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1634544110326910
cf-ray: 6aa465828a21dfcb-FRA
access-control-allow-headers: Authorization

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 61ms
24ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tracking.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 60ms
23ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tracking.my

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
15 KB 540ms
539ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1996238018216201&correlator=610747286187822&output=ldjh&impl=fifs&eid=31063205%2C31063405%2C31063247%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=21622890900%3A22514169533%2CMY_tracking.my_pc_all_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1636265406&dt=1636265406064&dlt=1636265405238&idt=572&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2683691994&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tracking.my%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=641196737.1636265406&ga_sid=1636265406&ga_hid=1145809211&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

78b6023c0810f79ccdcd008f17939408f6f550dd21f0262e0cd3b00415f3ed90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 212292
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15216
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314457
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 322ms
321ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1996238018216201&correlator=610747286187822&output=ldjh&impl=fifs&eid=31063205%2C31063405%2C31063247%2C44748552&vrg=2021110201&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=21622890900%3A22514169533%2CMY_tracking.my_res_all_below_970x250%2C970x90%2C300x600%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90%7C970x250&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D26243582461e638%26hb_bidder%3Dtriplelift&eri=1&cust_params=url%3D%252F%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1636265406&dt=1636265406067&dlt=1636265405238&idt=572&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=2460&adks=3818134883&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tracking.my%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=641196737.1636265406&ga_sid=1636265406&ga_hid=1145809211&ga_fc=true&fws=128&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

fef7089c09ddb771b308a24d87b6aa0a5696d3f0ff68a148004d5cf43ce33b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8431
x-xss-protection: 0
google-lineitem-id: 5450162376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138320657710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D944 6 KB
4 KB 87ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 06:10:06 GMT
expires: Mon, 07 Nov 2022 06:10:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 14ms
14ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

e64c870fac1b5b672d9d802aa7239b9f341b777225f44cd836c32a63f1c01ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13417
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=103445000522916&ev=PageView&dl=https%3A%2F%2Fwww.tracking.my%2F&rl=&if=false&ts=1636265406139&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636265406138.2008080393&it=1636265405593&coo=false&rqm=GET

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 44ms
20ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc907e28b23f56d9ad489ebd894903e889d227bc308bbdd96e4d42dd4f0051af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9352
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B68 0
0 43ms
43ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWQ4bXUO1ZWwGyBjV5wRffx3o-626OvIwKC16fvoPQmfMoIQvFUARBQtCH1cFkrFBxg_qcBB6q4pRkr4wpzCM8tyupZwMrN6uS2sLW7v_18bMNUlxPeeQLmrmYRhrqHrlJUm_74lwVS6eGAyX1obeBfIgAtsHEcQr9Zk6xivbqV76o6LmTmlFr0OFzN9k_ZgZnqNCcZ3krVrbBIZ9nx-BFpao8ZTEOhGPmEREpFqUtz6-yFLIcHAjPz3d1V35GmovrFiy1dDwlYs1ZmQkMBc9m5BhfHLTCfbyGGqWqlVUUqjscOhHXG8dLdIHw4w2roUq7uzfF4vzl69scwSGoZRdxrpx5UN_KM2Ytic4aL-O8wlbUWgCLy-UIlqCroWMxmiVqTKNZcRD2kw&sai=AMfl-YQHVSvFqQsb5kM2nV1dtOITu5cNlmmUbj7mwW4GDWYdMuw9ktI8WPpMGa1fh9R09qGHRxGvxUfWsj7pmigLd8uWmrD_LTwdATMqNe4_0l5GBH3pUe9n8TGXTd6CfyLE&sig=Cg0ArKJSzCnB5bdjg_gKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 7B68 4 KB
2 KB 131ms
102ms Script
application/javascript 18.66.97.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=MY_tracking_res_all_below
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 172ffcfd10c6b52351b1bd73a589257afccd68d98c35bf4a48ddf41dbd9d16eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: "ee3f53c73f7ba8916aa0ad38345766f5"
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
content-encoding: gzip
content-length: 2002
x-amz-cf-id: zo_1S2B8yxGBSLsKB1IqVOlEmyRh0gaJY1dowtvIuCHAYYoVZAVB3w==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B68 120 KB
37 KB 77ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H2 200 notify
tlx.3lift.com/header/ Frame 7B68 37 B
183 B 8ms
8ms Image
image/gif 3.124.87.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.021&ts=1636265405&aid=96364301433009934030&ec=2409_15064_70_38689783&n=GgDyArUBCAASFDk2MzY0MzAxNDMzMDA5OTM0MDMwGAAgASjpEjDYdUABSABQAWAKaABw%2FtoGkAEAmAEAqAEAsAEbuAEFwAEVyAEb4AEP8AEA%2BAEbgAIViAIPkQIAAAAAAADwP5kCUrgehetRyD%2BhAgAAAAAAAPA%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC8CSAA9gFiANakAMAmAMAoAMAuAPQ6gHAAwDIAwDSAws3MF8zODY4OTc4M%2FgCDIgDAJIDBGQzZDM%3D
Requested by: Host: www.tracking.my
URL: https://www.tracking.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 7B68 37 B
140 B 32ms
7ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=96364301433009934030
Requested by: Host: www.tracking.my
URL: https://www.tracking.my/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4519 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 06 Nov 2021 18:00:39 GMT
expires: Sun, 06 Nov 2022 18:00:39 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 30E4 783 B
971 B 24ms
23ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f68eb9fcad8523ae33ce6f1e0d7349b6665cd18ad99eb0ebb5b0e60ccd6fce19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LJcEYNPddNVVIO2z8q5+9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 07 Nov 2021 06:10:06 GMT
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-LJcEYNPddNVVIO2z8q5+9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js Show response
pagead2.googlesyndication.com/bg/ Frame 4519 35 KB
14 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cr6w3YeOZbdvzGsTB8jc1jWyQH2Tx0ZUK6FFw6rgKog.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 21:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 21:42:27 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 30E4 0
0 101ms
66ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=1996238018216201&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/70bd8f46f8937950e6946baf69c2f411e029ca74/dist/ Frame 7B68 243 KB
78 KB 10ms
9ms Script
text/javascript 18.66.97.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/70bd8f46f8937950e6946baf69c2f411e029ca74/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=MY_tracking_res_all_below
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce9efc2624c8f27fa5c8860f250061943947a637a3b350a3d6944e1fec8cd5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 15:50:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 15:49:22 GMT
server: AmazonS3
age: 310779
etag: "47d04ea7fa32c5620617aa5def989465"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 79039
x-amz-cf-id: 8hMzymKyNV72zy8v3CGPQMGhTaVIENUy3xIpGxwxnwO6sonlghzXZA==

GET
DATA 200
OK truncated
/ Frame 7B68 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e091006afa2f195b71d9badc8e11f8bdb9ce3b4022648aa050a39def41b02b7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
183 B 9ms
8ms Image
image/gif 3.124.87.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.021&ts=1636265405&aid=96364301433009934030&ec=2409_15064_70_38689783&n=GgDyArUBCAASFDk2MzY0MzAxNDMzMDA5OTM0MDMwGAAgASjpEjDYdUABSABQAWAKaABw%2FtoGkAEAmAEAqAEAsAEbuAEFwAEVyAEb4AEP8AEA%2BAEbgAIViAIPkQIAAAAAAADwP5kCUrgehetRyD%2BhAgAAAAAAAPA%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgC8CSAA9gFiANakAMAmAMAoAMAuAPQ6gHAAwDIAwDSAws3MF8zODY4OTc4M%2FgCDIgDAJIDBGQzZDM%3D&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=MY_tracking_res_all_below&aid=96364301433009934030&rev=70bd8f4&ss=12&bc=0.027&pr=un&brid=109950&bmid=2409&biid=4720&bcud=27&sid=15064&ts=1636265405&caid=0&unid=0&domain=www.tracking.my&ref=https%253A%252F%252Fwww.tracking.my%252F&rr=creative&fid=10&rb=0&g=0&cb=77610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame F8F3 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 7B68 3 KB
3 KB 9ms
7ms Image
image/png 18.66.97.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: www.tracking.my
URL: https://www.tracking.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 19:09:32 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 212445
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: sJorB_hJkSdOPcprJ1xmbdyhNuzWjOYLShDR_heLViZLjUH448EvJg==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 7B68 3 KB
4 KB 9ms
8ms Image
image/png 18.66.97.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: www.tracking.my
URL: https://www.tracking.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:07:06 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f1.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 363781
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: zfD1Qz-2lNvc9wXrlZYzLOTP844BFUIGalUnpTdvVLaPn1gRoxaZPQ==

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 0794
Redirect Chain

https://aws-fr.bidswitch.net/imp/0.027/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R38689783_Qrtbwp_R_I_WAUCTION__PRICE_X-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0_Qrtbdata_RVpqHlfC6qeUa-rsbXhk8a0vGu0J...
https://track.adform.net/adfscript/?bn=38689783;rtbwp=0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0;rtbdata=VpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH...

906 B
1 KB

70ms
20ms

Script
text/javascript

37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38689783;rtbwp=0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0;rtbdata=VpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2;OOBClickTrack=

Requested by

Host: www.tracking.my
URL: https://www.tracking.my/

Protocol

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cd6671992c42d14ba7e3fc8e3488c3f7fb8e081f90a71458ae3b3c56fab8f8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 758
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=38689783;rtbwp=0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0;rtbdata=VpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2;OOBClickTrack=
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 0794
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=triplelift&dsp_id=70&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=triplelift&dsp_id=70&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=70&user_id=8814327194925069517&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=90c742e9-64af-48d8-a562-b6995f3af959&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=90c742e9-64af-48d8-a562-b6995f3af959&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: www.tracking.my
URL: https://www.tracking.my/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=90c742e9-64af-48d8-a562-b6995f3af959&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 07 Nov 2021 06:10:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 8ms
7ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=MY_tracking_res_all_below&aid=96364301433009934030&rev=70bd8f4&ss=12&bc=0.027&pr=un&brid=109950&bmid=2409&biid=4720&bcud=27&sid=15064&ts=1636265405&caid=0&unid=0&domain=www.tracking.my&ref=https%253A%252F%252Fwww.tracking.my%252F&rr=creative&fid=10&rb=0&g=0&cb=35963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 3CE9
Redirect Chain

https://eb2.3lift.com/sync?max=10&cb=72897
https://eb2.3lift.com/sync?max=10&cb=72897&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/70bd8f46f8937950e6946baf69c2f411e029ca74/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 00d5962088e4d97c530799acb0a1334f9c6850e06a8024127e128de9d29ed430

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-type: text/html; charset=utf-8
content-length: 463
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-length: 0
location: /sync?max=10&cb=72897&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 container.html Show response
7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E3E 6 KB
3 KB 315ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 06:10:06 GMT
expires: Mon, 07 Nov 2022 06:10:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 10ms
10ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=103445000522916&ev=Microdata&dl=https%3A%2F%2Fwww.tracking.my%2F&rl=&if=false&ts=1636265406675&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Track%20your%20parcel%20-%20Malaysia%27s%20Largest%20Shipment%20Tracking%20Platform%20-%20Tracking.my%22%2C%22meta%3Adescription%22%3A%22Malaysia%27s%20Largest%20Shipment%20Tracking%20Platform!%20Track%20all%20your%20shipments%20in%20one%20place.%20Poslaju%2C%20Skynet%2C%20Airpak%2C%20Citylink%2C%20Abx%2C%20Gdex%2C%20Nationwide%20etc...%22%2C%22meta%3Akeywords%22%3A%22tracking%2C%20tracking.my%2C%20comone%2C%20cuckoo%2C%20dexi%2C%20leopard%2C%20dpe%2C%20ie-post%2C%20fedex%2C%20dpex%2C%20toll%2C%204px%2C%20skynet%2C%20poslaju%2C%20airpak%2C%20citylink%2C%20abx%2C%20gdex%2C%20nationwide%2C%20taqbin%2C%20ninja%20van%2C%20kangaroo%2C%20mypostonline%2C%20sure%20reach%2C%20matdespatch%2C%20prouter%2C%20lineclear%2C%20ecargo%2C%20ktmd%2C%20redbox%20asia%2C%20lex%2C%20freght%20mark%2C%20ywg%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fmytrackcdn.com%2Fimg%2Ffb_og_image_default.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636265406138.2008080393&it=1636265405593&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3CE9 70 B
265 B 105ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHuYEZlj3bOR9lk9dt7tTHo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

41ms
41ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHuYEZlj3bOR9lk9dt7tTHo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHuYEZlj3bOR9lk9dt7tTHo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3CE9
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjkxODQyNTMxMzY4OTUwNzI5MQ%3D%3D

170 B
243 B

24ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjkxODQyNTMxMzY4OTUwNzI5MQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjkxODQyNTMxMzY4OTUwNzI5MQ%3D%3D
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 3CE9 0
596 B 558ms
235ms Image
text/plain 2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=6918425313689507291&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: aUUG7LcutRYQaEhM/ioAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CE9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/6918425313689507291?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0pypZFxE2oTKVtihY239L9N7pmTQXrMBeGKb9m9dZw--~A&dongle=0883

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-0pypZFxE2oTKVtihY239L9N7pmTQXrMBeGKb9m9dZw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 07 Nov 2021 06:10:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-0pypZFxE2oTKVtihY239L9N7pmTQXrMBeGKb9m9dZw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3CE9 43 B
220 B 41ms
8ms Image
image/gif 3.120.56.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=6918425313689507291&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.56.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-56-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 3CE9 42 B
593 B 52ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=6918425313689507291&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC66590C136D42D1A457FC72C85AF51C Ref B: FRAEDGE1319 Ref C: 2021-11-07T06:10:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 3CE9
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6918425313689507291
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6918425313689507291&dcc=t

0
0

102ms
101ms

Image
text/html

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6918425313689507291&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: HTTP/1.1
Server: 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Z5Z8Q0D8XTDTPCVH485N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6918425313689507291&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CE9
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 3CE9
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=3647983957425595953&dongle=d407

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=3647983957425595953&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=72897&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=3647983957425595953&dongle=d407
pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 39ms
37ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=1996238018216201&bg=!4-Cl4KTNAAYH3anuB907ACkAdvg8Wn8BXAiNkDfpTqDdfmCdqHmJc3ozXam5Y6WZnrLM7suHNmWMDAIAAAC3UgAAAAxoAQcKABYlHMdFd0cl0BqLQnqByM22m7KMd9OkmQK3JLIaoPB8TIFbCVbM30X815I1b1QdATAN0M5OjJJ4SQ36FnwH5g1vgqmM4G-eMFJl7E6jhz_gSozG1FJOG9O34BhGVKAp1vC6ooaSLnXigZmYWkcmO3MHFtuQoKKENPUMDM8a6XG3ybR0j3lJQX0RJDgeRdOSu2WssGiq_Bs6gN3uuUONkg-P_y5xBlvYiY_WqZGDp8Rv5yg7uWEXhffibvGPV4179QfiY3eMEyOd6KS0-AqDzoqpZ-wZerjzdE_pIjuI_ttku9apsbwvIY7P4_I_0ZPAftTammjPrMlWDyOpaPfPhA3Ly-88rAQygOd_Zgcp1vAd3EI6ppQMC64Tyqy1rqxUObm7c8n1B5vFQ92kTY3krLgM5MpQS1OmoLqcOll9v9kaC4Lw62WMg2LthsDLePAyzD1b0ONZP96m1TQVRGUingqiy1c_Ptjneb4597o1twG-kIdNB6UXYINop8RnlPu-YyOgCoyFEKp0dMP0kwXUQxcUOOiQh-yx0MutsVqyaGfg1gBOC58nTINGtKV3RjruSjYz1_oOHL4veqWv6ecA0SJxReNMbuuX45fZBSuy2RwU6MZ74mJONH1bl_0mQiRfOA7bBJFJuSHjhkaEMZk00pVdWXrkvurh7tsU70xyyVpQ__nz0VmYXk6IXJeLPI10U5XXVzmqo_M_Bcv9V5-hUjQ20Ut_Cor8Hg9NsjoFbW7XE1A4eiRXShNwdcYrtLHbvR7tBfGB5qykM10y__-TC0Je1-_2GPgf8_aQVBoxGtx-4P3uK5Npn9KtHnxP6Ls12Kg0m_WauSfEuIsgHBf38lCv0K6n3tr4eg28VDNv717m8BWzd4vS3iESKOw76OesH89FY_MDqt89cRre8bk0VTn-EAXV_K1LS03GLZfGwHJJSZj7JjHUT_Fx17RxAbkCMCY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0794 33 KB
16 KB 78ms
20ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: aws-fr.bidswitch.net
URL: https://aws-fr.bidswitch.net/imp/0.027/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R38689783_Qrtbwp_R_I_WAUCTION__PRICE_X-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0_Qrtbdata_RVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03__aSIkyaYRdaC5s3IdfbojnNZZ6HAE__FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/KVgvquRIvpodFv9S6qFjjlvksD-Q8xTr6XYVoupPywasLZ6Itz0m1dnVPm7zLNtnXqjjwRO7lIplb_ybdLuMtf0Xq3TWIW-qnX7IjqV-vMsTA8zaQrcUHoMAUpWoqgyO0hC2Hts1MpTNT9G90qcgFt7hTps3WQuPpjpqEV-7LNmfv8PEO3MJ20VjuZJKIqeMkyOfCiSdr_3bk0G4TKpYRnWBv-VqmDKlE7Ul33ahhPUcJyWHgpZFM8C04ZJTLVTyQFCCGWS_UDI5phUCSQrNeByvCl3sQsOEQsyEpOrvzL0DJlliBG1EtQCzoPjOYva9OElHnbIuiiHRiqkVmZa-PS1qRa3P-juIGemc3ZYQnU4EYpKsF_8o-5RvGaXgKOgk7Tyj8GfK7yAZJ_urdSoy_yd9M9ZuWPAc_ouTg4fB95ZwnUmpBcknqb51lwM0pz6Z5yiVV8iYKHm6oLSWXMyI3a5vgdgWci7zNrScroH_kqZ21V0eTGHXMA7bVsYCPSKAUOXUgDcdj1xFb8RXbJ1bxWiCe6XkV-xGvpN7cBdU4aL5Mal-Ce7jWy2DDiDsXOhcWgWlg-GeYVy_h0pdkmXe9AK2blSHAsi-afFsUAAbtKk_nM-T10_FeHQUVaV5BOek3hm0FnVmoAoF-s9IxpK4Mk3x1GtW5_sFp_kHB1ddGDa691PhcUdJaL4QPqDFC7KYI2-VxnSVhg_mQsRL4F3Y7biFNwUaGR2I1SXoFyMpnbLXpg7grvN_oATb5rguEi_ogkesXuJ8a1tZsF4ty2bjcjxivj7QjMJ9c9D9dM7CNAJyBJ0VJ-A8WdE1vi5QnK2LJx9LDEmrS7N_Od23PvltK_dfyA2LMZvmSsXLYJSFFauNCN67h9n8tAcmUV4J6wTjF_VY4PE/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 08 Nov 2021 09:20:02 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0794 5 KB
3 KB 21ms
21ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=38689783;rtbwp=0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0;rtbdata=VpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2;oobclicktrack=;js=1;adfxid=1x;1482;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.tracking.my%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4e24cb6edc11fc5b5194bf012d90af6d43210bfdf91e4c7c8e50e082a51a28ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2479
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0794 36 KB
13 KB 44ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54906
x-guploader-uploadid: ADPycdtvG23HmvQsQwuLz9Af9FJJVzd3AfAaVP-GvOCJKicY5JLXaqdbc1YsyySzShH5gTMKGwX08hKjJjHm_zlxwfhV-bxGvw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGUoYQeX6IkgrAsP9AEB2u5N%2BYbwQI9krcuOnToSHD2o%2FHXHG5KwMG1Q8U4Aw3f1C37SQGZqZ6OWUHqu4Ls3%2F2CVCsSEZ2hZUS8%2F5ku%2B1%2FWAng%2BSZWjuOaHXUw2JltRNg2XBTzI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6aa465894a0969a3-FRA
expires: Sat, 06 Nov 2021 14:55:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 0794 35 B
470 B 21ms
21ms Ping
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38689783&csi=sCVBaIaMXfUhI8ZCczfoiewe6EsTRhtAva5IbWAvMwQJDwKV3Zer3FtcWE5AXx1V4Q6xQek6P0AGUXgIk77-6WQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 frame.html Show response
ad4m.at/ Frame 0E1B 2 KB
1 KB 316ms
15ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Sun, 07 Nov 2021 07:10:07 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 868564
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9o64YRzthtxiNyjrrk%2BPd9I4EDVS07fJ57lU4HSV2xcMI0euGTQP0ppGhcDeOHNB%2FIUO2eaU2Qid3wCD0Gq8SbxHdCqwdM5gRTP8y0nv3J0LnGUp5Cj4AV1y8DCf9XWFWLy0Qw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6aa4658b5dc169a3-FRA
content-encoding: br

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 0794 34 KB
15 KB 25ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:06 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 08 Nov 2021 09:21:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1E3E 4 KB
731 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 04:52:12 GMT
server: ESF
date: Sun, 07 Nov 2021 06:10:07 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 06:10:07 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2858 1 KB
1 KB 21ms
20ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=31340181;rtbwp=F623712332697083;rtbdata=tTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/e57fe61d-e6de-490d-b23e-709f70e4f038/

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c609b225eef69b2ff680336880854ea20d8e4b5dc2446a65059db302abbe4f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1122
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2858 3 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 06:03:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2858 120 KB
37 KB 323ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 06:10:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2858 15 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 06:00:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2858 0
0 21ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbfDIwxU-4N_3F5DB1csK8hTL67YcHdVE1ZWmMoJ3rqm7clVwdMd0uerQE0ywtmh18UrxceN_cgvmmAX2fNKZkPKv6dQ
Requested by: Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2858 22 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Nov 2022 09:25:36 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 1E3E 19 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 05:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8166
x-xss-protection: 0
server: cafe
etag: 3013067873597081824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 05:51:44 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2858 33 KB
16 KB 26ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=31340181;rtbwp=F623712332697083;rtbdata=tTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v2/t/0/e57fe61d-e6de-490d-b23e-709f70e4f038/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 08 Nov 2021 09:20:02 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2858 6 KB
3 KB 21ms
21ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=31340181;rtbwp=F623712332697083;rtbdata=tTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fe57fe61d-e6de-490d-b23e-709f70e4f038%2f;js=1;adfxid=1x;4944;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.tracking.my

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c4134112f6648b0370d75f8c6c707211d92751137a793965e7f26d434a80a53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2793
expires: -1

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 2858 36 KB
12 KB 204ms
33ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9a37648810601272a820080ad8635648370754d391f27cc275f9bb4151b362

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=Nzd20Q==, md5=FT1+5xhXhiPpPKh1RF6I7A==
date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53993
x-guploader-uploadid: ADPycdsFtq0ZcdynlYIBJP0HG5mVzwvSvEuPWeQ5d3-omJN5E9Mgf1_F3dINw_EhUOaEGNaxiKIiQKPotEPCFU_cF_9rFN_Kww
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 15:09:54 GMT
server: cloudflare
etag: W/"153d7ee718578623e93ca875445e88ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tSwJeNq3Z2DydgrzxYZNShVnHQlk2aPHDz9KTkOSKAvxT8%2FT%2F9SQFDLMCIOGIc9BUWLDr62kK84VCXHFUMVOyPrhwWbNqwtAHipJxOYDBqGPmxJgYnI8WbvH%2FmeiIwx%2BImxmYo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635865794515906
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11937
cf-ray: 6aa4658b5dc369a3-FRA
expires: Sat, 06 Nov 2021 15:10:14 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 2858 35 B
502 B 20ms
20ms Ping
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=31340181&csi=jNFIJ5hXa9yQNGYiCX2-uZk2rxtwf8ra4o-MMVUHH2PZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 2858 33 KB
14 KB 25ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Mon, 08 Nov 2021 09:23:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7B68 0
0 43ms
42ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMbid10dS2xKkEIFL6Uk-XtlpZ2LbaEdAtOL1ocgi1ohMydQ4sh_iSxR2l0sG3UgN4epLHMw_ZGNpN9zfIWy222SEPYcc7F7htX5J8iA1DL1gtpqn70GrPkzpjT4S7eQ_by1c4BDiwavsog9wsFGn_XLIjn7jQD3wE80qIIN02aTOvMBYIt4HvZF4zNw_VU_kWT-hD4DZYW4a7cmhBHObNbQzySR8h0MCpkFOhlq47IvwEZvUOHRb3spncHTLoIrcKpgd1cDSXbwNoWyiOnwgoVY7YtyI7GrfiWQ5xOQDkqMwX0PYhSD68TESKPIcp3msZkgw6WIVDjfeo_KkgUp7qBHQhllz3iaosA5VgbLpbhYqIYZ2tfoPsH50Dp8phJijLJGxC6j6UBg5k&sai=AMfl-YRv73Io1rOQNdokp0aUDswNK4UzXEBnoBqbcysfv1IoaPM814cWHPhWA-dyuS7roN6ZX-7PsMgJtq-ytxBkOZu0UzwP4zxOgL7Kiu-zxZD0DApnFj3xd29jWbUmQjjz&sig=Cg0ArKJSzAqMeiF1DTYuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 07 Nov 2021 06:10:07 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame 0794 1 KB
1 KB 33ms
33ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fa1c81f826a2205885a0f081125cc21d6afa924e181d4a1731ad82a14d3404e

Request headers

Referer: https://www.tracking.my/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6aa4658bdd615bf9-FRA
date: Sun, 07 Nov 2021 06:10:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZMM38D4qfm47Wun9ZcitenjUB%2BdxswhWet7zZWy%2BStejgMqC%2FeD9EiagxjCS7T19lpXupvLwLZC8nfSrbgCpbBHqtemgJ3Q32ztP1baZWRHBwMCWX8AS1hhBQt6MPRqlUf4POc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.tracking.my
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 43ms
26ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.tracking.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://www.tracking.my
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BGTdXeEJfwM9DIASiAcpVaPkihpaKmdMEitL6rfBmKn1e2PhtebpAOoNAC3b3HSWjGaaEkeR0BCkQuajBiA%2BCZuG%2BweULbz15vk9o1bAVNjet%2Fsk6Lf%2F2619%2FPKetjRs7q961s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa4658bad225bf9-FRA

GET
H/1.1 204
No Content analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 2858 0
64 B 130ms
29ms Script
text/plain 18.203.131.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=284364&di=www.tracking.my&ap=&dm=57&pi=1422796&ti=e57fe61d-e6de-490d-b23e-709f70e4f038&r5=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:07 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0B86 281 B
554 B 33ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Requested by: Host: 7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
URL: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 07 Nov 2021 06:10:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0B86 32 KB
10 KB 9ms
9ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 684a31ea5c10e66e1393a0d21584529f2c779990a7e574842832815a1c017d8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=28101
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9509
Expires: Sun, 07 Nov 2021 13:58:28 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame 5398 2 KB
1 KB 16ms
16ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdul5Ccw7d7rhgjk4K-9bNVBIMJUbbihzRGNqm4eKjFMeeucQ20B3FnwIcyOYympdB6UUlF8mlNguKXZm3TvRLI
expires: Sun, 07 Nov 2021 07:10:07 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 868564
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77BFO%2FYHmDFPlhrqUvEhaTdEcW2NJ715dnuEfroUzLoV5OQOihvSHtgE49tTCv6020q%2FjRZsoE%2F%2BtKVO2idR5Vvg3lQwbLT5QlC%2Fxp8V7UoT0JaiJ6yPcBYiZcqC8mS5U3FTsks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6aa4658c0f1d69a3-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame C5E8 8 KB
4 KB 30ms
20ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f6ece41c2e21f5c8ade5dad3a40792aa6cd44b6caac6308191f25bdb771e41b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6aa4658c1f4269a3-FRA
content-encoding: br

POST
H2 200 rs Show response
ad4m.at/ Frame 2858 1 KB
1 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d82f43b3bb2fee7880b0ec3e6284951361c504f4ccf004688fed2aff36bab6

Request headers

Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6aa4658c6e595bf9-FRA
date: Sun, 07 Nov 2021 06:10:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhKlQ0aKGPzGI2jD3iorl65xYNOnq4fMq8MT4cmTDW3nw2vB%2FLWmBj4nahdvaZ7YT02ult5MRap%2BHolx%2FKCSfi2KTvB6fTRwlUTPkjsdzBZEIV2xIftkZb7H2ZnAjP2GmxrIMD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-bd8c

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 23ms
23ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-bd8c
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7A3q07ngsEd0gOKIh0n5qOJnOUDDcMu%2B3Es4hiyfJG6BmwQyNmctIZQZlLmLmrw6JZa9M7nu17myqZSgaNQ6Vza%2BwfmaFL9xEXKtomKLUD5hc0kfnCxGkx6d2K5KdXlHLG9%2FT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aa4658c4e0f5bf9-FRA

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame C5E8 64 KB
8 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 900998
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6aa4658c4f8769a3-FRA
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C5E8 53 KB
54 KB 30ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124790
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtXugkQNtLzhG-eZlTKKk7AxvzSYQsferS0RbKbCM6vY3blnAtynqyJYqVsyWhKkatTRbe06i6ODnw0vA6T-BY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX2iAZlsm9Slx%2FHSq9fDM4pL0REo0jMbHleOIRfsmD72Km7ROsyqQ18hf9Cg0pPwvesq1WkTnfbA%2B4BNckmZEWLNkiDytnF4bQFtl%2B8SpTtM3%2Bk5U%2F2JhSNRAClRHG8TZia%2FVpMQpepvfbJG"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6aa4658c5fa269a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
assets.ad4m.at/product_image/ Frame C5E8 24 KB
25 KB 44ms
36ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=GgFtbw==, md5=1x50pvEeeTFx98g4ha5cJg==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131829
cf-polished: qual=85, origFmt=jpeg, origSize=151606
x-guploader-uploadid: ADPycdvpASLFcm8QffGazoPqJKlnlRl6vdo4jl1fOZGq_WY5DCP_1lQIStxiwOMOCt2mkxURz1wTqKemIGxCRtIIH2lOHaWfig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24794
last-modified: Tue, 19 Oct 2021 11:55:08 GMT
server: cloudflare
etag: "d71e74a6f11e793171f7c83885ae5c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ou7th%2FlEZZB1ZIGXcfB3PGNgMMhsCNJ1xt1uonMN2yJ2BjmC0SzEkPDpGTGmvGeTHAxWusNUKyyojNqp38HGyfKN7M86AYFhrmgd9cnM5XGclvzcsEP8M16JoYdLcWe78p4ukwh4cN5OV3Gg"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634644508544717
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 151606
accept-ranges: bytes
cf-ray: 6aa4658c5f9b69a3-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame C5E8
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021110707100758272252721X117679V1226132702MSoneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202111070710075827225...

43 B
796 B

34ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252721X117679V1226132702MSoneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117679&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252721X117679V1226132702MSoneidGX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUEoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117679&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 880B2BB26803FDF3AA8D102C390A9E480100E26E068787FEEF905B9EC296B601FA556ACC3B0BF9BF93C37FA66BEA8A44477230B66086B723E3DFADC7C070AB70
assets.ad4m.at/logo/ Frame C5E8 2 KB
3 KB 42ms
34ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/880B2BB26803FDF3AA8D102C390A9E480100E26E068787FEEF905B9EC296B601FA556ACC3B0BF9BF93C37FA66BEA8A44477230B66086B723E3DFADC7C070AB70
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b268c08438e3189357c6c08c859a3c3db757c62563e3450adbd4cdf3dc0d8d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=1E3C3g==, md5=jFI8eIMOS+WfuUPtmBNwHQ==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125027
cf-polished: qual=85, origFmt=jpeg, origSize=6814
x-guploader-uploadid: ADPycdtGPscWMJRVHOBagA6MnVw-OuTMxf6DzXcVe1LaDSL1KXVGJSgByAzQRX78Vo_E2rmHdgrBpNNuoIpAuu22Fv0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2438
last-modified: Wed, 22 Jan 2020 13:07:36 GMT
server: cloudflare
etag: "8c523c78830e4be59fb943ed9813701d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLjkobQqckcnGCIvkmV8e3VJPfe3iblYeNHDTIyuiSoZ59XREAFWuw8LEjBeqTdWp3pzMbsrzc2MG90MUvuwGPA%2B1mgB853qf9%2BPMqwGNk0sK0neog%2BP1w7uyiiFDz0bnhdygulGXDg0IjML"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698456959942
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 6814
accept-ranges: bytes
cf-ray: 6aa4658c5fa069a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 E25C8A0C6D39756E8692331948BC0DF72D2E5CCB24F36383E0FE70B5E66B5BB9548B048C8015A82D0166A5026F3DBA7ED601679B81F2359D8573D2174BAA099C
assets.ad4m.at/product_image/ Frame C5E8 105 KB
106 KB 24ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E25C8A0C6D39756E8692331948BC0DF72D2E5CCB24F36383E0FE70B5E66B5BB9548B048C8015A82D0166A5026F3DBA7ED601679B81F2359D8573D2174BAA099C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18628410e439562258d896f286d7c012443d37601596604cfab8149188c2bff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=Ns06LQ==, md5=blGIZ3AblzRG6T0GRggW1w==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134915
cf-polished: origFmt=png, origSize=176109
x-guploader-uploadid: ADPycdtJU-pHf8pgKvqk4cw2wb_Qtaok5hwj8vKPc8AiEPOW_wQLGH-MGOUu87JouMIqZbqwjLMDlOn7LD9pYOr4PDc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107890
last-modified: Sun, 03 Jan 2021 20:56:22 GMT
server: cloudflare
etag: "6e518867701b973446e93d06460816d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehLj%2FZYUZgKEVYFCPO4MhKaY5tZ14Kk%2FfASBzkvd19Z5Gs%2FdYdq5FNdT53qIUJcquSW6uxu%2FJdcVS6R0uGmouWJlHXlMn%2BjwFZLB1%2Bl5jsmhQ5gvsXJGhzHdCdEUP1xYXs4u6fBD3W4VXYft"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1609707382774519
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 176109
accept-ranges: bytes
cf-ray: 6aa4658c5f9d69a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

zanox-captrader-htlp.php
captrader-tracking.de/ Frame C5E8
Redirect Chain

https://www.awin1.com/cshow.php?s=2163948&v=11795&q=337372&r=412871&pv=1&pref3=oneidYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCroneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_c...
https://captrader-tracking.de/zanox-captrader-htlp.php

0
0

41ms
12ms

Image
text/html

116.203.138.1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captrader-tracking.de/zanox-captrader-htlp.php
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Server: 116.203.138.1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.1.138.203.116.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://captrader-tracking.de/zanox-captrader-htlp.php
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame C5E8 9 KB
10 KB 43ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134786
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdu36wRkkm2axNMkeW67lR_SgnwE1naDiTP0WcXHkYt8Hpty8vQSjW3UeNF5X9_fAXv4JWNNE4VcAtzKIDYCWrtHWBZhZw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqecoc94UDSbzkbpxt7St20VhfTT9%2B9HBc6Cv0iK2hQVzmXaKtmGCxjah6HCWphiOQd7Opo12EYHXnI390%2FsjPMMEcCm7Sae7dAgq%2BpBYAQ3%2BPVi8LWVLGZPSWk%2FPOtoDVjgLWIW%2Fcu8Oiq3"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6aa4658c5fa169a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame C5E8 20 KB
21 KB 24ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 868561
cf-polished: qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid: ADPycdvy5ZSOuWMz-kevXaMcy-GrK9_0U3WgJZACwmjP0YvstJAM6XkwFimB0DCLc93vRXWU_A7mYPGeS12V8GoxbqmdeDI5fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20822
last-modified: Thu, 21 Oct 2021 08:32:12 GMT
server: cloudflare
etag: "40428c92e39f43260a4088364e6203dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vmte%2BnC58AbUZpnqyR3Hs%2F0iGoEoGIC1s%2FSfW00qlgO6tHL4dmjFVu6QHVqWb3ce8YrFD7wxytoVldo7e8o1iy%2FH0VXYBwvHAGVmE6Ni%2BJwmdksxhWs53CFl9Zh0yv3uDXjVwjaRtDOjG9Rf"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634641277633965
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 109711
accept-ranges: bytes
cf-ray: 6aa4658c5f9f69a3-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame C5E8
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&...
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&gdpr_consent=&gdpr...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211107071007582722527...

43 B
778 B

35ms
9ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C672%2C161594&b=GX8TBfjd3RHx6QBfKHeHGtPtppJH2TYTQbUE%2CYmrurfzX9Vc8GhVH9HetQt7J3uAT1TZVCr%2CX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJ&f=VA3TwfMR1AfJr8zuVHbHAtXCEEmckTzTeZfQ%2CqZ3tmfBZ2buwghZHgHDtRC7bquPTgTmBc3%2CeXPT3fYXD6Ug6GwFjHZHet2C44EfjTQT4Xu1&c=728&d=90&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=3080ca081612274e03f8051498fd70ac%2F13647713351044384540&i=20774%2C4631%2C20773&j=14%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_DC&r=1636265407352&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38689783%3Bcrtbwp%3D0.02889-Ppo7CmGpXfK5lsWM1GZK7zIfU8hNr2ZK0%3Bcrtbdata%3DVpqHlfC6qeUa-rsbXhk8a0vGu0JjY4SRRb0fvLTQnJjlrz03_aSIkyaYRdaC5s3IdfbojnNZZ6HAE_FPMKxfwGD0f5RdH5jwj6Yee9YP4HrwJUMh5VW42CsMcTnXkSU85ITSkrbhID2d5SlYjqU6N8Llox8Axerrbp1UKkSeINLvBeZLG4PiSw2%3Badfibeg%3D0%3Bcdata%3DJU8iwiXZ5lE49FVYGBvrUwl_0O_0uPvEPgTqFjariZtoBSKF7p9A0A-QXW2MQzvn_RNgG1_TJ2y1PuaPO2Wow8HzWJ8iG5IJjexxSbmQI_dLlA1cXL1hJTVFrSd_3BfJ8MRcTaEywXBz6PtjHQigRcegUSTf2QqAw3iI60gHGBc1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame AE76 9 KB
5 KB 28ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebfbda746093df84be08f2b887d843eb096d7366c66015e2c74aa788ecfcdc7a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com/

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6aa4658cb87069a3-FRA
content-encoding: br

GET
H2

200

IKwwVB5I0LXYaup7iKbeIA
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 0B86
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQE...
https://pr-bh.ybp.yahoo.com/sync/rubicon/IKwwVB5I0LXYaup7iKbeIA?csrc=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAH...

43 B
322 B

34ms
34ms

Image
image/gif

2a05:d018:d29:3601:df82:91d9:7297:1e70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/IKwwVB5I0LXYaup7iKbeIA?csrc=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

2a05:d018:d29:3601:df82:91d9:7297:1e70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/IKwwVB5I0LXYaup7iKbeIA?csrc=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B86
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAA...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODIwNDhhODllYzhlM2FkZjZlM2Y5NjA2N2NjM2I0ZmQzNTczZWNhMw&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQA...

170 B
188 B

32ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODIwNDhhODllYzhlM2FkZjZlM2Y5NjA2N2NjM2I0ZmQzNTczZWNhMw&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODIwNDhhODllYzhlM2FkZjZlM2Y5NjA2N2NjM2I0ZmQzNTczZWNhMw&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 709414.gif
id.rlcdn.com/ Frame 0B86 42 B
417 B 39ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 06:10:07 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0B86
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAA...
https://match.adsrvr.org/track/cmb/rubicon?gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAA...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fff4cddb-11c6-4cc3-85c5-fc39393ef461&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBA...

42 B
911 B

103ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fff4cddb-11c6-4cc3-85c5-fc39393ef461&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fff4cddb-11c6-4cc3-85c5-fc39393ef461&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 601

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 0B86
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVOU6BG7-4-2XM&sigv=1&esig=2~25d0a6a94b5d356e130a9aac9b0006e44b343a38&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQ...

0
444 B

69ms
19ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVOU6BG7-4-2XM&sigv=1&esig=2~25d0a6a94b5d356e130a9aac9b0006e44b343a38&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVOU6BG7-4-2XM&sigv=1&esig=2~25d0a6a94b5d356e130a9aac9b0006e44b343a38&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 0B86 43 B
398 B 55ms
15ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:10:06 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0B86
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvl...
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAA...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYdtvwAAAPWcHABG&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACS...

42 B
911 B

30ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYdtvwAAAPWcHABG&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=YYdtvwAAAPWcHABG
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636265408.625427,VS0,VE0
x-served-by: cache-hhn4068-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYdtvwAAAPWcHABG&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU&gdpr=1&_test=YYdtvwAAAPWcHABG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B86
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZPVTZCRzctNC0yWE0=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCA...

170 B
188 B

32ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZPVTZCRzctNC0yWE0=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZPVTZCRzctNC0yWE0=&gdpr=1&gdpr_consent=BPPSklsPPSkls__AAA__DX-AAAAvlIPafYrCwoWQ3PJ5JgAgEK6BgQCFQAAACAAEQAIABSAACAUkgBAoiUAIAIRAAABARIJCAAgQAACSgAHAAAAIAggAAAAAAABAAQEAAAAAABAAAAAAAAAAAAAAAAAgAAAU
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame AE76 64 KB
8 KB 29ms
29ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 900998
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 27 Oct 2021 19:53:29 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6aa4658cf8f869a3-FRA
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame AE76 53 KB
54 KB 317ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124790
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtXugkQNtLzhG-eZlTKKk7AxvzSYQsferS0RbKbCM6vY3blnAtynqyJYqVsyWhKkatTRbe06i6ODnw0vA6T-BY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rZONOXIln6yTqDWVuuQvs9BAAOAwc6zHJQ5Yn6ab1LZuLF6h6oLFh7E8LSNtDmG7%2BjLqqwnZP8kqng5VH4pWMleATSOELjvmGCWMNGzH%2FTE15t8ehVP%2F7PwQos%2BbBYLyGD3PaMvDzt7jce7"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6aa4658edc4f69a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 FC95D6B1B17E58D9A7C7F27DEE25026F99243A39E37068D19054C4EF9BF0567E774AB9F658D700805C14A5A6EBD6FE8AB17053D4FD3531147BBEA4AA0AC23CE6
assets.ad4m.at/product_image/ Frame AE76 12 KB
13 KB 321ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC95D6B1B17E58D9A7C7F27DEE25026F99243A39E37068D19054C4EF9BF0567E774AB9F658D700805C14A5A6EBD6FE8AB17053D4FD3531147BBEA4AA0AC23CE6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 624ed4ddc2be730db955a9f11b5b50e890813baa337be31ea1beb127a7baef95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=06aXtQ==, md5=+yuMxpjzeds0hh3zLVmrTw==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134874
cf-polished: qual=85, origFmt=jpeg, origSize=24998
x-guploader-uploadid: ADPycdvHP0Uy0uVXVCBIajvR5_lwK_xLjDi0GERSF3seISC4ZTgpKLl5XiKIwfOpiiDKHY40M5Qg68SAAh_06Gr2FBs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12292
last-modified: Wed, 22 Apr 2020 09:37:19 GMT
server: cloudflare
etag: "fb2b8cc698f379db34861df32d59ab4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHHBSKVdykyfyzhLCLjySwP2vvXx8i8XP7k3AjZO8Kr2KI5FYSKRRLopaM3g7ndHxz3wQt4p0SmmU2qrdPP2zIjPQb2Vd1CNZsYiRS48fkhxZM%2F2YjcCJt30A9jb7QYLOy3dmSQSDo%2FLv1qr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1587548239748016
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24998
accept-ranges: bytes
cf-ray: 6aa4658edc5a69a3-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame AE76
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=oneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&gdpr_consent=&gdpr=0...
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=oneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&gdpr_consent=&gdpr=0&gdp...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202111070710075827225...

43 B
790 B

26ms
9ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&wfid=120211&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Sun, 07 Nov 2021 06:10:07 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&wfid=120211&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame AE76 12 KB
12 KB 314ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135282
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdu2H8EztDRkH7xMxkUi_RR54ZTCPrkYJAbFNV3c3b0sQp7Fc5Lbo0cB4LGAzujpB30IhyXag9KvJxClvmnIQ5zdJ6m09g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYt9%2F8CA3rMTO9BTMHGKe%2FGOf4QnM3IlPElPRsM8nGWl5aBG%2B4H%2F3rcG%2FnfreLs80T1PE1pqvVS%2F0NgT4inCCJWSzryW2YYSJbvYWVjfUQ%2BQZoiX8VtOIETP3kA3yBoCuWZnykF7W8ssM6EL"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6aa4658edc5169a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame AE76 10 KB
11 KB 313ms
15ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 126416
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ADPycdtC2b8Yngg5yVlxzAPtUKo0q8W74LSknss54UhJEsDMmv2fskYAtpCNI4OqzlFwwhB6KVVwlbniGCI2gMDKLNo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10372
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYRrC%2BU4PFNg80ef%2BBH7Nj1KtodHQe8WD035QWWhVCikDz7YUlszDDbl5xLuJfHesYpBT3Ziov7nHexa7LIxVzbTNWoqMzpHnqPo2IgINSyd35qEPFKmv1tWS%2FXQEQOxaSion16LrJPiHita"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 6aa4658edc5869a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame AE76 38 KB
38 KB 324ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 133660
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdsnilcMsdQ3qy3pvowIVuXwzozqaPLH-TJo0ENpEbM-iELcRG5h63vsEBexZkqZBlLNAop6TVpL87UL5Ao0qVc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FseHUaIiE%2FIW4zRXnY5RYLTd21igJZKaUsZBLoH677g%2FDr6Ix%2B%2B7LZ2ZvYPVtYfx8aad0%2BtblqK0evv5ODob3TRiD2%2F0pY6Za6NN3WGN6iVr6Wfyr8mtNVi2kXn5XZlKDKIfUuO3eewCLiEi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6aa4658edc5769a3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame AE76 84 KB
85 KB 312ms
15ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 07 Nov 2021 06:10:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2001421
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdt0auuVYXxKcOeI32Nv-fvSJQzYQvFVwatuzPsEZD0eRaq_pBpNbp-MnA5kVrbBdCHt3HyAtodlGclxYmOQ7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpqcueLwUDOj7Jh6xLEjU28KOEr%2B%2Bl7oucqkVvicANTu8MhGIUkH%2BMofhyt1qcLV0MMnpgeyLkP7VZpX%2BnGkkfly9F0Y6r1qoGTxdLfiSbWkG7EXzT6bzgm5x6Vlur213fjWk7fg%2FlBYfj%2F4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Mon, 08 Nov 2021 06:10:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6aa4658edc5469a3-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame AE76 1 KB
2 KB 178ms
95ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid73DSqfzfGEAFrHXHgtECr64f4S1TrgfMoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&viewref=oneidmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfAoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: b508811af051bfcdced61bffd5d030c7b4af08b9dfa72b24e17cc36d07cde3e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Sun, 07 Nov 2021 06:10:07 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1437
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame AE76 1 KB
2 KB 186ms
103ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfVoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&viewref=oneideM3f3fVfMrWsjHZHet1t42BTwSQTx1f1oneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: c93ad0cd6f284499dfeb36de7eef3072032443bf698b5b66e18f954bf7c4dba8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Sun, 07 Nov 2021 06:10:07 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1449
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AE76 51 KB
51 KB 44ms
9ms Script
application/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid73DSqfzfGEAFrHXHgtECr64f4S1TrgfMoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&viewref=oneidmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfAoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 10:14:21 GMT
server: AmazonS3
age: 2438
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 07 Nov 2021 05:29:30 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: JbndXdW5reAQtlT07Ne6avVQP_tkcW_HmxvZvvJr1MacZboLXAq_Bw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame AE76 25 KB
26 KB 68ms
22ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidX8MCzfrfQ8ds6H4HetqtY8phQSkTXzFJoneid__asuidTBbGtLucAyFhJF0bu11t0tWwdlPRr7ipasuid__reach_adf03netmixsis&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Sun, 07 Nov 2021 06:10:07 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame AE76 85 KB
85 KB 83ms
32ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidE21fDfEfmEDsACAHjt4t48eTKSVTmjH7oneid__asuid-8tPVggluRQVd3rW-kWTu_mUUNP1qBzRasuid__Stroeer_RON_mobile+300x250_2&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C43784%2C24673&b=4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfK%2Cmp1UefGfVpYsmHZHZtzt2D3CKSwTXjfA%2CeM3f3fVfMrWsjHZHet1t42BTwSQTx1f1&f=rP1aQf9fPzPTAH7HjtJCBBKCYS8TKmfd%2C73DSqfzfGEAFrHXHgtECr64f4S1TrgfM%2CDkAa3fwfrGZa3HmH9twCZqRsxSmTkjfV&c=300&d=250&e=i6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMS&g=e67e9b77cda5019662ac20cd7cf22d22%2F7882593832374461361&i=20774%2C27720%2C20430&j=14%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=reach_adf01netmixdc&r=1636265407445&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D31340181%3Bcrtbwp%3DF623712332697083%3Bcrtbdata%3DtTlEZhFYJRzL9u1Izp3VEEM6LHefVvFFBG8oxPGBcocR5BbnWZwgrvbHICtuUYkN77dlnn9dkmMHRm_VWFYjrqFMlbyoVUE4P3NK9bkejDf7ozv-Qw-M1VESy1DdY063jtSM6f87uHCng22X3HT093k6nKBN7qejbFX7gLS4p2YcRr1SXxW9xyDYfuJzsmR8QTWABjbo5eJeED5s2fp5Xs_1wcoXbnHlplCIZNssHKK1h0LFmu_albUvglK_XiPaiSTXs7WgH2M0Kp2_TEHJ1Q6LS3tYlRzbnKzMZ7zdmJXqtG1pvQVKkgR6OCkWhui8ULbV5YqIaMtPJfxoiDKhm82rKbhsTnJAhmTW5_jMRMNqkCd9ntIQrJjPMIlgGezsn7hLRNoRfgHEhYgq-9bjIieheoegvN1zZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuoufE-3jbSMCbs3cWOcF9dDqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMt4h6iVhZw4Tu7dbG2ZhR9oVlzfpmnsosf_Ln4qOBJ5gAHS2qSrOJPI2x8leH6EVpprC2jc4xHetkJf9Dv9Lj7xL6yx5pcaF487v8EibPjyvASirr4YKOloqAekDZ9kB2ee23afg7BMWI46RdYUdtfb-FBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.tracking.my%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:07 GMT
Last-Modified: Sun, 07 Nov 2021 06:10:07 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 76ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 08 Nov 2021 06:10:07 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 368F 11 KB
5 KB 52ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tracking.my

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2088
date: Sun, 07 Nov 2021 06:10:07 GMT
content-length: 4685

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 63ms
22ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 08 Nov 2021 06:10:07 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 368F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=tracking.my&sn=ChromeSyncframe&so=0&topUrl=www.tracking.my&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=BkZR73xWTiszTUd5dDRyZFRaTWFMT2dXNTZiZUkra0lrbWNrNnJ0eVpuQmoyOVpGei9MVGQ2VzJtRkVyUlN4VEpqSTlMK1lpb0F3WXZNTUZvcjhmQXBMSi9NUkxRMDJVYVR3NmdPN3NMLzhucjlqV1hKak5SZnZBSVRJN2...

441 B
621 B

71ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BkZR73xWTiszTUd5dDRyZFRaTWFMT2dXNTZiZUkra0lrbWNrNnJ0eVpuQmoyOVpGei9MVGQ2VzJtRkVyUlN4VEpqSTlMK1lpb0F3WXZNTUZvcjhmQXBMSi9NUkxRMDJVYVR3NmdPN3NMLzhucjlqV1hKak5SZnZBSVRJN2pENnZlZCt1QjNQVk9NZVV4aVcyOWY2L240ME9WY05STDc0QzkwanFLQlZSLzI1aG9Fd0lZamVCTmNkZmJ5M0E3S3FIenlpSkdlUW52SVRmeFlnd0JhbnZYeld0UFhPRzRXa2Zrckdkdy9sOGhMbzN6SWxqMk1nbm5WL1h3MHUvLytmRkloRGo2UFVuMFVHMW9ZZFdZenBUTUpwNDI4UT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f470a398324e7844b964be34eb869a0fcf78bb50bbb8105716ff93f0972f4583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 07 Nov 2021 06:10:07 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2386
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 07 Nov 2021 06:10:07 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=BkZR73xWTiszTUd5dDRyZFRaTWFMT2dXNTZiZUkra0lrbWNrNnJ0eVpuQmoyOVpGei9MVGQ2VzJtRkVyUlN4VEpqSTlMK1lpb0F3WXZNTUZvcjhmQXBMSi9NUkxRMDJVYVR3NmdPN3NMLzhucjlqV1hKak5SZnZBSVRJN2pENnZlZCt1QjNQVk9NZVV4aVcyOWY2L240ME9WY05STDc0QzkwanFLQlZSLzI1aG9Fd0lZamVCTmNkZmJ5M0E3S3FIenlpSkdlUW52SVRmeFlnd0JhbnZYeld0UFhPRzRXa2Zrckdkdy9sOGhMbzN6SWxqMk1nbm5WL1h3MHUvLytmRkloRGo2UFVuMFVHMW9ZZFdZenBUTUpwNDI4UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1654
content-length: 541
expires: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AE76 16 B
232 B 94ms
93ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 109ms
31ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AE76 16 B
232 B 97ms
97ms Fetch
application/json 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-101-139.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.21

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 103ms
31ms Preflight 52.215.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.101.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-101-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tracking.my%2F&domain=www.tracking.my&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=_wNpt3w4aXRES2NSbTZ0OXdnVjBSWnRsdEE2eDVqOGxUV3orUytvMzR6dkUxcVpIUWM2Z3c3OStEbTNncVprTURGa21idnFvUGZqbHZPVnc3TVpiNGVuQXQ1dWRaV3Q4V3VHT1hIazhFdkg3NWRSY0VOT1dBU0d3MDJPTn...

414 B
654 B

20ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_wNpt3w4aXRES2NSbTZ0OXdnVjBSWnRsdEE2eDVqOGxUV3orUytvMzR6dkUxcVpIUWM2Z3c3OStEbTNncVprTURGa21idnFvUGZqbHZPVnc3TVpiNGVuQXQ1dWRaV3Q4V3VHT1hIazhFdkg3NWRSY0VOT1dBU0d3MDJPTnFQM0tpOW9LbVFpWkRaMHBnNk9zM3J1RVV4MjBrRXNoTENpb3NCN1FQSHdObmlqNGpQS2hXaXFBaFcrZGZ5NkwxbFpmNkpkT0VVb3hWRFZOOFpIZW8rRkxNUXAzdGdRU1FTQTBzQjJsU09oUVNzbExWMG83cFFDblNMcHhEL2QrUklZVlJwVVVWUkZGQ1JPYm9icjd2d0JLNEowaldGZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

70d9b6a6c8d8922954427d62dd505bebeed6d2e653a10ce1058b77629669451b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 07 Nov 2021 06:10:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2124
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 07 Nov 2021 06:10:08 GMT
location: https://mug.criteo.com/sid?cpp=_wNpt3w4aXRES2NSbTZ0OXdnVjBSWnRsdEE2eDVqOGxUV3orUytvMzR6dkUxcVpIUWM2Z3c3OStEbTNncVprTURGa21idnFvUGZqbHZPVnc3TVpiNGVuQXQ1dWRaV3Q4V3VHT1hIazhFdkg3NWRSY0VOT1dBU0d3MDJPTnFQM0tpOW9LbVFpWkRaMHBnNk9zM3J1RVV4MjBrRXNoTENpb3NCN1FQSHdObmlqNGpQS2hXaXFBaFcrZGZ5NkwxbFpmNkpkT0VVb3hWRFZOOFpIZW8rRkxNUXAzdGdRU1FTQTBzQjJsU09oUVNzbExWMG83cFFDblNMcHhEL2QrUklZVlJwVVVWUkZGQ1JPYm9icjd2d0JLNEowaldGZz09fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.tracking.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1767
content-length: 541
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tracking.my%2F&domain=www.tracking.my&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.tracking.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tracking.my
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1345
date: Sun, 07 Nov 2021 06:10:08 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A608 281 B
554 B 18ms
18ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 07 Nov 2021 06:10:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 19FF 1006 B
858 B 28ms
19ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 2e796f5a3756845fec57a89986b1df7a47665f02a625ba971520c7147e530a32

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DBC9 14 KB
5 KB 89ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=24633
expires: Sun, 07 Nov 2021 13:00:42 GMT
date: Sun, 07 Nov 2021 06:10:09 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3F10 52 KB
17 KB 36ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 01 Nov 2021 05:06:57 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 07 Nov 2021 06:10:09 GMT
Age: 5897
X-Served-By: cache-lga21977-LGA, cache-hhn4062-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 45033
X-Timer: S1636265409.083788,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 9AEC 926 B
1 KB 96ms
28ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 64a2/mMiEAEcE6A0Bt+2Erlf5G8/Vr6F+aKm35SudGm/mhDDMsfdh3kdR47hqOgX9Nj5IT4Nh94=
x-amz-request-id: WMCZ1XWCTS57FSV5
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 3445
Expires: Sun, 07 Nov 2021 06:11:09 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6aa465970fe63a17-CDG
Content-Encoding: gzip

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3562 1 KB
1 KB 11ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 59995efb225a01ffe141e7ba7cacaee28b3b0497ab5a630d5f3ac70309d07a75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: text/html; charset=utf-8
content-length: 513
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7EE1 2 KB
1 KB 136ms
24ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/prebid5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.tracking.my/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sun, 07 Nov 2021 06:10:09 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A608 32 KB
10 KB 20ms
14ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 684a31ea5c10e66e1393a0d21584529f2c779990a7e574842832815a1c017d8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=28099
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9509
Expires: Sun, 07 Nov 2021 13:58:28 GMT

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 3562 0
0 13ms
7ms Image
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=6918425313689507291
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 3562 0
0 39ms
15ms Image
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=6918425313689507291
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 3562
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3690&xuid=d7b26187-6dc0-4100-b71f-1559d17bfa1c&dongle=3995&gdpr=1&gdpr_consent=

37 B
352 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3690&xuid=d7b26187-6dc0-4100-b71f-1559d17bfa1c&dongle=3995&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eb2.3lift.com/xuid?mid=3690&xuid=d7b26187-6dc0-4100-b71f-1559d17bfa1c&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 07 Nov 2021 06:10:08 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3562
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3657&xuid=YYdtvwAAAPWcHABG&dongle=3c0a&gdpr=1&gdpr_consent=

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3657&xuid=YYdtvwAAAPWcHABG&dongle=3c0a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1636265409.102791,VS0,VE92
x-served-by: cache-hhn4068-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://eb2.3lift.com/xuid?mid=3657&xuid=YYdtvwAAAPWcHABG&dongle=3c0a&gdpr=1&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 3562
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=2562834129239918971&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=2562834129239918971&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cbb558fd-8b5e-42e5-a19e-5d339553a7b4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=2562834129239918971&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ebda
eb2.3lift.com/ Frame 3562
Redirect Chain

https://eb2.3lift.com/ebda?sync=1
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjkxODQyNTMxMzY4OTUwNzI5MQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=

37 B
139 B

8ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3562
Redirect Chain

https://match.prod.bidr.io/cookie-sync/trl
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
https://eb2.3lift.com/xuid?mid=7255&xuid=AAC0Uk7DDtwAABTMX-4OeQ&dongle=bzwx

37 B
352 B

15ms
14ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7255&xuid=AAC0Uk7DDtwAABTMX-4OeQ&dongle=bzwx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=7255&xuid=AAC0Uk7DDtwAABTMX-4OeQ&dongle=bzwx
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 204 current
triplelift-match.dotomi.com/match/bounce/ Frame 3562 0
104 B 129ms
68ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 3562 43 B
220 B 14ms
9ms Image
image/gif 3.120.56.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=6918425313689507291&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.56.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-56-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 3562
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

37 B
352 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:08 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=579kxRly1MJBnz5

43 B
61 B

19ms
19ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=579kxRly1MJBnz5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:08 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=579kxRly1MJBnz5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=cacbfa6a-8f3d-4642-89f2-122eee8a15a8&expires=1&user_group=5&ssp=openx&bsw_param=90c742e9-64af-48d8-a562-b6995f3af959
https://us-u.openx.net/w/1.0/sd?id=537072968&val=90c742e9-64af-48d8-a562-b6995f3af959

43 B
61 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=90c742e9-64af-48d8-a562-b6995f3af959
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=90c742e9-64af-48d8-a562-b6995f3af959
Date: Sun, 07 Nov 2021 06:10:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2791158708660022454

43 B
61 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2791158708660022454
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a568b2f8-c696-4f17-8aa3-6b7170912ed0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2791158708660022454
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 19FF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIemVrN0REdHdBQUJWbXFqODl3QQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHzek7DDtwAABVmqj89wA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHzek7DDtwAABVmqj89wA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...

43 B
163 B

120ms
19ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHzek7DDtwAABVmqj89wA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAHzek7DDtwAABVmqj89wA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d6396187-6dc0-4d00-b8f5-5c15dec24d59

43 B
61 B

18ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d6396187-6dc0-4d00-b8f5-5c15dec24d59
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=d6396187-6dc0-4d00-b8f5-5c15dec24d59
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 07 Nov 2021 06:10:08 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wOHl68C0vu3b4u7uwbTw68Kx5ejb4-S_k7Fu1cT-

43 B
61 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wOHl68C0vu3b4u7uwbTw68Kx5ejb4-S_k7Fu1cT-
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wOHl68C0vu3b4u7uwbTw68Kx5ejb4-S_k7Fu1cT-
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8814327194925069517

43 B
61 B

29ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8814327194925069517
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8814327194925069517
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 19FF 70 B
264 B 35ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=49cd3edb-1ece-36d3-7d1a-1b3965efcbff&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 19FF 170 B
188 B 22ms
19ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjVhMmVkMTEtZDdiOS02ODc3LTY4ZmEtNDE4MGFmMGQwNTlm

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 19FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBLAxk0AYZwR41OJlCL0-u4&google_cver=1

43 B
122 B

24ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBLAxk0AYZwR41OJlCL0-u4&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBLAxk0AYZwR41OJlCL0-u4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 3F10
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

7ms
7ms

Script
text/html

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0445ba8a-e541-428b-ba98-316d1c71b9d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2d15a8f4-a143-4644-a286-db385f9d156c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 43ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1033
date: Sun, 07 Nov 2021 06:10:09 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DBC9 3 KB
4 KB 85ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70883131&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e0adbc5137537b59d228da1f91a4de599bd84112cf6bb98074e8416b99c6e7f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame E6D6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

29ms
29ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7a0f7f1e24dcb8a1f570893b0ee237ab73b5a71331396d82fac7c315f2e4f826

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|3|31|105|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1716
Expires: Sun, 07 Nov 2021 06:10:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 338
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 07 Nov 2021 06:10:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Connection: keep-alive

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 8F17 35 B
468 B 24ms
24ms Document
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=62EA51E1-8332-4C29-A3B5-4A35C576EC0C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FA43
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8523215248887648817

42 B
211 B

19ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8523215248887648817
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug013:0:445
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8523215248887648817
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8E0C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
111 B

31ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 07 Nov 2021 06:10:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug002:0:2227
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Sun, 07 Nov 2021 06:10:09 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Sun, 07 Nov 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2639985

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C02B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7027706419234207891

42 B
365 B

42ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7027706419234207891
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 07 Nov 2021 06:10:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug003:0:467
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sun, 07 Nov 2021 06:10:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7027706419234207891

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1690
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYdtvwAAAPWcHABG&gdpr=0&gdpr_consent=

1 B
545 B

77ms
14ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYdtvwAAAPWcHABG&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug014:0:349
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYdtvwAAAPWcHABG&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 varnish
x-served-by: cache-hhn4068-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1636265409.257829,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DBC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YupR4YMyTCmjtUo1xXbsDA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

19ms
19ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=24633
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 07 Nov 2021 13:00:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6396187-6dc0-4d00-b8f5-5c15dec24d59

0
260 B

77ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6396187-6dc0-4d00-b8f5-5c15dec24d59
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6396187-6dc0-4d00-b8f5-5c15dec24d59
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 07 Nov 2021 06:10:08 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DBC9
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=62EA51E1-8332-4C29-A3B5-4A35C576EC0C
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=33dd7a0f2b1ff7e709f9565a523d00c9
https://spl.zeotap.com/?zdid=1332&zcluid=d2259ad2c8680abd
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8d683280-0985-4c2b-69c1-3e880538f57f&reqId=5bbc93ab-3b9f-4b10-496e-7d00ce2340ef&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESELvPV6Z7Mh7SeShVDXvamR4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8d683280-0985-4c2b-69c1-3e880538f57f&reqId=5bbc93ab-3b9f-4b10-496e-7d0...

95 B
164 B

44ms
35ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESELvPV6Z7Mh7SeShVDXvamR4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8d683280-0985-4c2b-69c1-3e880538f57f&reqId=5bbc93ab-3b9f-4b10-496e-7d00ce2340ef&zcluid=d2259ad2c8680abd&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6aa46599cce3690a-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESELvPV6Z7Mh7SeShVDXvamR4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8d683280-0985-4c2b-69c1-3e880538f57f&reqId=5bbc93ab-3b9f-4b10-496e-7d00ce2340ef&zcluid=d2259ad2c8680abd&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjJFQTUxRTEtODMzMi00QzI5LUEzQjUtNEEzNUM1NzZFQzBD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

79ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:333
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQaffW0tBGlztTUCbswZnI&google_cver=1

42 B
281 B

80ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQaffW0tBGlztTUCbswZnI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:505
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENQaffW0tBGlztTUCbswZnI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame DBC9 43 B
616 B 72ms
19ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 06 Nov 2021 06:10:09 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=0&gdpr_consent=

42 B
341 B

54ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:408
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 07 Nov 2021 06:10:08 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fff4cddb-11c6-4cc3-85c5-fc39393ef461

42 B
466 B

48ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fff4cddb-11c6-4cc3-85c5-fc39393ef461
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:402
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fff4cddb-11c6-4cc3-85c5-fc39393ef461
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8814327194925069517

42 B
233 B

55ms
16ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8814327194925069517
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:368
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8814327194925069517
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2562834129239918971&gdpr=0&gdpr_consent=

42 B
209 B

67ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2562834129239918971&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:431
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 83cec284-757b-499e-828d-c34d189162dc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2562834129239918971&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XPNm3lymPdhH8G3bXaZz3l6jZt1H8WeKD6OrcwX9

42 B
581 B

79ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XPNm3lymPdhH8G3bXaZz3l6jZt1H8WeKD6OrcwX9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:506
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XPNm3lymPdhH8G3bXaZz3l6jZt1H8WeKD6OrcwX9
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=62EA51E1-8332-4C29-A3B5-4A35C576EC0C&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QqMf9jxE2uV8SHzH9YA4h2_UAwqXnm8-~A&gdpr=0&gdpr_consent=

0
48 B

62ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QqMf9jxE2uV8SHzH9YA4h2_UAwqXnm8-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QqMf9jxE2uV8SHzH9YA4h2_UAwqXnm8-~A&gdpr=0&gdpr_consent=
date: Sun, 07 Nov 2021 06:10:09 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 62EA51E1-8332-4C29-A3B5-4A35C576EC0C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DBC9 43 B
873 B 39ms
33ms Image
image/gif 2a05:d018:d29:3601:df82:91d9:7297:1e70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/62EA51E1-8332-4C29-A3B5-4A35C576EC0C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:df82:91d9:7297:1e70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DBC9
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d45ce1b0-2824-486c-b995-2ecaa788a913&bsw_param=90c742e9-64af-48d8-a562-b6995f3af959&expires=10
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=&gdpr_consent=&gdpr_pd=

1 B
181 B

16ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:324
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90c742e9-64af-48d8-a562-b6995f3af959&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 07 Nov 2021 06:10:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame E6D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKymjeogSA3vDFK6dskxCYs&google_cver=1

43 B
315 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKymjeogSA3vDFK6dskxCYs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:10:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKymjeogSA3vDFK6dskxCYs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E6D6
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QC9CSP3TB37STX95XVEF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H44J9BTCQ13QYRTG1ZKF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYdtwQIzpg_PkRSbibgvXAAABHMAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E6D6 70 B
264 B 34ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E6D6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYdtwQIzpg-PkRSbibgvXAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGHNzDZnp1iioNlp8r8iCWI&google_cver=1&gdpr=1

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGHNzDZnp1iioNlp8r8iCWI&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:10:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:10:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGHNzDZnp1iioNlp8r8iCWI&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E6D6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=1&gdpr_consent=

43 B
1010 B

63ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:10:09 GMT

Redirect headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d6396187-6dc0-4d00-b8f5-5c15dec24d59&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 07 Nov 2021 06:10:08 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame E6D6
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6895518092026246456&uid=Q6895518092026246456&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

18ms
18ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E6D6
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1011 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:10:09 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Sun, 07 Nov 2021 06:10:09 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame E6D6 43 B
425 B 24ms
24ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YYdtwQIzpg-PkRSbibgvXAAA%261139
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 06:10:09 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1662
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:37:51 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 8FCA
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

101ms
101ms

Document
text/html

18.213.10.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.tracking.my/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-10-151.compute-1.amazonaws.com
Software: /
Resource Hash: 4c386e4df5a83488efb75ca6999b9251ba851e0c5d03a557a92ef41942203132

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sun, 07 Nov 2021 06:10:09 GMT
pragma: no-cache

Redirect headers

date: Sun, 07 Nov 2021 06:10:09 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 8FCA 43 B
1 KB 23ms
22ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=f2d8189b-6f2b-4256-82be-a52ae6b464a3&expiration=1644214209
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 06:10:09 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3F10 0
731 B 9ms
7ms Script
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 06:10:10 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1ee6d8bb-a8ce-49eb-bcc7-12b3c0a32ef9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame DBC9 0
260 B 77ms
20ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 06:10:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 00:40:41	Name: sync Value: CgoIgAIQp_SSyM8vCgoIgQIQyOGSyM8vCgoIoQEQp_SSyM8vCgoI4gEQyOGSyM8vCgoI5gEQyOGSyM8vCgoIhwIQyOGSyM8vCgkICRDI4ZLIzy8KCgiJAhCn9JLIzy8KCQgLEMjhksjPLwoKCIwCEMjhksjPLwoKCM4BEMjhksjPLwoKCI4BEKf0ksjPLwoKCJECEKf0ksjPLwoKCJICEKf0ksjPLwoKCJQCEKf0ksjPLwoJCDkQp_SSyM8vCgkIOhDI4ZLIzy8KCgjeARCn9JLIzy8KCQhfEMjhksjPLwoJCB8Qp_SSyM8v
www.tracking.my/	1970-01-19 22:31:12	Name: XSRF-TOKEN Value: eyJpdiI6IlFZSHUyck1GWmtqeFJVeUN3a1FxZkE9PSIsInZhbHVlIjoiK2FZYUpiN1kwRHB4OGxIMzdkNGpYdHlzMCs4RE9vcitjcUVYRmtnVnI3UU9JOWpBdGlqNXhseDFEZHI2U29iZyIsIm1hYyI6IjVmZjc0ZTcwNTMwODU0MjM4OWM0OWNmZDRmMjA5ZGExMzhlNzQyZDIyNjViYWZjYzNiZjU1OTlkZDJlNzZmZmIifQ%3D%3D
www.tracking.my/	1970-01-19 22:31:12	Name: trackingmy_session Value: eyJpdiI6IlBvNVlMeklRNkNHSWY3M0xKMVhzeUE9PSIsInZhbHVlIjoidk1hdndENnFzV2EraXdWQXo5bVJ3dTNXamJSclhqMm90UDNJQjIyd21DNDJ5aWN1TWw1M2UwdHhnYm9SMmlVQyIsIm1hYyI6IjEzNmNmYmM3YTViMzkxYTk1NzdkODhlMTViNmZlZDYxOTUwYWZjMjE2YTQyYjhkN2E4ZTE2YWY0N2JkNWI4MGEifQ%3D%3D
.tracking.my/	1970-01-20 16:02:17	Name: _ga Value: GA1.2.641196737.1636265406
.tracking.my/	1970-01-19 22:32:31	Name: _gid Value: GA1.2.2143001694.1636265406
.tracking.my/	1970-01-19 22:31:05	Name: _gat Value: 1
www.tracking.my/	1970-01-19 23:14:17	Name: _pbjs_userid_consent_data Value: 3524755945110770
.openx.net/	1970-01-20 07:16:41	Name: i Value: 9a610182-b749-0924-27cc-d3d101c8f802\|1636265405
.rubiconproject.com/	1970-01-20 07:16:41	Name: khaos Value: KVOU6BG7-4-2XM
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.tracking.my/	1970-01-20 00:40:41	Name: _fbp Value: fb.1.1636265406138.2008080393
.doubleclick.net/	1970-01-20 07:52:41	Name: IDE Value: AHWqTUnPan-38vA2BvaUWjhY1n0Wjg5zuszV0i3wu8w9xYdmZSUXSbbB-09wAoDuAdw
.doubleclick.net/	1970-01-19 22:31:06	Name: test_cookie Value: CheckForPermission
.tracking.my/	1970-01-20 07:52:41	Name: __gads Value: ID=b3dbcc0dacc73a73-22b40f7a37cb00a3:T=1636265406:S=ALNI_MbTJEIalSs18JA1gh6oQF2ddtDTjw
.3lift.com/	1970-01-20 00:40:41	Name: tluid Value: 6918425313689507291
.bidswitch.net/	1970-01-20 07:16:41	Name: c Value: 1636265406
.bidswitch.net/	1970-01-20 07:16:41	Name: tuuid_lu Value: 1636265406
.bidswitch.net/	1970-01-20 07:16:41	Name: tuuid Value: 90c742e9-64af-48d8-a562-b6995f3af959
.bing.com/	1970-01-20 07:52:41	Name: MUID Value: 07C8FD716BE3664A36FBED996A316721
.turn.com/	1970-01-20 02:50:17	Name: uid Value: 3647983957425595953
.adform.net/	1970-01-19 23:14:17	Name: C Value: 1
.adform.net/	1970-01-19 23:57:29	Name: uid Value: 8814327194925069517
.adform.net/	1970-01-19 22:41:10	Name: TPC Value: 1636265406882
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:02:59	Name: bcookie Value: "v=2&13bc0391-319c-4987-8665-d724a9152840"
.linkedin.com/	1970-01-20 15:58:56	Name: li_gc Value: MTswOzE2MzYyNjU0MDc7MjswMjEj2cc3NZXg6RYUw66ej0ndbNr3O006H/lKERXD8zfJug==
.linkedin.com/	1970-01-19 22:32:31	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2358:u=1:x=1:i=1636265407:t=1636351807:v=2:sig=AQEqQM3Aj1bmf1yrgENUn0eF6zCo5fh1"
.awin1.com/	1970-01-19 22:41:10	Name: awpv11795 Value: 412871\|1636265407\|5b372070-3f91-11ec-a957-2261a0e7f687
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 337372:2163948
.adsrvr.org/	1970-01-20 07:16:41	Name: TDID Value: fff4cddb-11c6-4cc3-85c5-fc39393ef461
.rlcdn.com/	1970-01-20 07:16:41	Name: rlas3 Value: gdlySG5udPEwlk0vLsbKF8xWDHYVnlbI6wfGv9mHqW8=
.rlcdn.com/	1970-01-19 23:57:29	Name: pxrc Value: CAA=
.lead-alliance.net/	1970-01-19 22:41:10	Name: ppv1225 Value: 2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 810i3f63bsbkh97hhllemdt90r
.captrader-tracking.de/	1970-01-19 22:35:24	Name: CT-ZNX-POSTVIEW Value: 1
.lead-alliance.net/	1970-01-19 22:41:10	Name: ppv1226 Value: 2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc
.yahoo.com/	1970-01-20 07:17:03	Name: A3 Value: d=AQABBL5th2ECEL56_-jfn32ZyHENHw5QQhYFEgEBAQG_iGGRYQAAAAAA_eMAAA&S=AQAAArFmFXg4OODXYroopMMZtEw
.blau.de/	1970-01-19 22:41:10	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTU4MDAwMDAwMDA2MTYzNjI2NTQwN3ZsZWExZGUyMDIxMTEwNzA3MTAwNzU4MjcyMjUyNzE5WDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZFg3a2N6ZndqWGRDelYxbXQ2SDRIZXRxdEJCWkhCVGtUbXdjSm9uZWlkX19hc3VpZGk2aERfbjNfem9YTkZPSlBkRGI5aHFyX2x2bDZWc01TYXN1aWRfX2FkZl9OZXRtaXhfUmVhY2gwOV9EQzExNzY2Mw
.blau.de/	1970-01-19 22:41:10	Name: nscQ486 Value: V
.o2online.de/	1970-01-19 22:41:10	Name: nscQ485 Value: V
.everesttech.net/	1970-01-20 07:16:41	Name: everest_g_v2 Value: g_surferid~YYdtvwAAAPWcHABG
.blau.de/	1970-01-19 22:41:10	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021110707100758272252719X117663V1225131106MSoneidX7kczfwjXdCzV1mt6H4HetqtBBZHBTkTmwcJoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__adf_Netmix_Reach09_DC&wfid=117663
.o2online.de/	1970-01-19 22:41:10	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTUyMDAwMDAwMDA2MTYzNjI2NTQwN3ZsZWExZGUyMDIxMTEwNzA3MTAwNzU4MjcyMjUyNzM3WDEyMDIxMVYxMjI2MTMyNzAyTVNvbmVpZDRwYlVFZjVmOWQ5VEdIOUhkdEF0bW1SZmJTcFRyWWZLb25laWRfX2FzdWlkaTZoRF9uM196b1hORk9KUGREYjlocXJfbHZsNlZzTVNhc3VpZF9fcmVhY2hfYWRmMDFuZXRtaXhkYzEyMDIxMQ
.o2online.de/	1970-01-19 22:41:10	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021110707100758272252737X120211V1226132702MSoneid4pbUEf5f9d9TGH9HdtAtmmRfbSpTrYfKoneid__asuidi6hD_n3_zoXNFOJPdDb9hqr_lvl6VsMSasuid__reach_adf01netmixdc&wfid=120211&ratenzahlung=24
.rubiconproject.com/	1970-01-20 07:16:41	Name: audit Value: 1\|hLZGFuTafB2lOWj3ye8Q+EZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lg8dsZbZzmBzHp5giMfg6gl73feGui2PgD6mJfqkEE8XoXFh5ipKaejh2Fm32TjiAMiWpbMeOaTtj3RV1LztTacAv9acVYLz7vZRXUguKpx6q9ASRbzVh1qaeY99bN8zhrkmEt+ORLho23ot7eFIuvEDPm65JeGvwCyUZALDQu6EbRj9rUC6sWNNlf1Yk2s1loXvMZRTIiDTkVs+NoqrvF//CuLSgd+R0BtPoVTZt/zoAPOh6q4rAmuU7IJddmKAozgmxy/Gr9OCpmvllXEtYN4=
.criteo.com/	1970-01-20 07:52:41	Name: uid Value: 4d69d8e6-d7dd-4425-9c77-32ae76d16be0
.tracking.my/	1970-01-20 07:52:41	Name: cto_bundle Value: klmBsV80SHAlMkJqRFR5MGpldFB1QzElMkJ1ZlhVTlI5MmNwR3VFTmdTckJLT3p2RWt3RG1Oc2h5YkElMkJqUHp1ZUIlMkZpTTJzOFRLQ0FieFFpcTdUYkJHaE9kbm5OMXAlMkJ3bHV0RjlwQ0J3NVdrYmVXVXVPOGpDNUlBUW1XTUslMkI5Uzd4VjE5QmlBTG5uazNIbzhkZUlEWThqNmhsaDl4NXclM0QlM0Q
.openx.net/	1970-01-19 22:52:41	Name: pd Value: v2\|1636265409\|mOgeginskin0vNomiygu
.mathtag.com/	1970-01-20 07:57:00	Name: uuid Value: d6396187-6dc0-4d00-b8f5-5c15dec24d59
.w55c.net/	1970-01-20 07:59:53	Name: wfivefivec Value: 579kxRly1MJBnz5
.adnxs.com/	1970-01-20 00:40:41	Name: uuid2 Value: 2562834129239918971
.w55c.net/	1970-01-19 23:14:17	Name: matchopenx Value: 5
.quantserve.com/	1970-01-20 08:01:19	Name: mc Value: 61876dc1-2327d-74a84-39cea
.ads.pubmatic.com/	1970-01-19 22:32:31	Name: KCCH Value: YES
www.tracking.my/	1970-01-20 07:52:41	Name: cto_bundle Value: C9mwHl9FRU1PQ1NJQXB3UHcyT2ZUOWx6S2FPJTJGdVBleVViZHElMkZBbEVmV0dDSUl4cHZDMSUyQndpVFRwb3BxMTNiekZFMU96WE9QdzdzOVpwQUtUenFvZURlYWI2cHFsSUJCSTJvdjZzcU5RUFR0SHolMkYxdXozTkFjZllXMUhqcmVUTEVHd05FWXlKeERDa1VOJTJCTyUyRlpBcTZweVlNOWclM0QlM0Q
www.tracking.my/	1970-01-20 07:52:41	Name: cto_bidid Value: py_RZV9MWmFCbTZzZGwxcDFrMnQ0TktxRVJ6Y0UyeUh0T2ltZ3VHUmpSdjlOa1daRG1uTXRxdTUxRThNZ2klMkJCQmIwbGs5TFR1UnNKWUNwQ0FKUWFGOFl0UU5iemZOak9zZCUyRmwyTndpTnNXdGQzazglM0Q
.nrich.ai/	1970-01-20 11:28:41	Name: _nauid Value: cacbfa6a-8f3d-4642-89f2-122eee8a15a8
.pubmatic.com/	1970-01-20 00:40:41	Name: KADUSERCOOKIE Value: 62EA51E1-8332-4C29-A3B5-4A35C576EC0C
.pubmatic.com/	1970-01-20 00:40:41	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 22:32:31	Name: pi Value: 158497:2
.pubmatic.com/	1970-01-20 00:40:41	Name: DPSync3 Value: 1637452800%3A219_201_197%7C1636329600%3A174
.pubmatic.com/	1970-01-20 00:40:41	Name: SyncRTB3 Value: 1637107200%3A63%7C1638835200%3A203%7C1637452800%3A8_220_7_54_3_22_13_161_56_71_21%7C1636848000%3A223%7C1637539200%3A35
.bidr.io/	1970-01-20 07:59:35	Name: bitoIsSecure Value: ok
.quantserve.com/	1970-01-20 00:40:41	Name: d Value: EKgBEQHVJPijCJiTAA
.casalemedia.com/	1970-01-20 07:16:41	Name: CMID Value: YYdtwQIzpg-PkRSbibgvXAAA
.casalemedia.com/	1970-01-20 00:40:41	Name: CMPS Value: 5224
.adsrvr.org/	1970-01-20 07:16:41	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMCL-Pvo75A6EAUSFwoIcHVibWF0aWMSCwjU4_CM6e-QOhAFGAEgASgCMgsI1Nvzuf_vkDoQBTgBWghwdWJtYXRpY2AC
.bidr.io/	1970-01-20 07:59:35	Name: bito Value: AAHzek7DDtwAABVmqj89wA
.adfarm1.adition.com/	1970-01-20 00:40:41	Name: UserID1 Value: 7027706419234207891
.analytics.yahoo.com/	1970-01-20 07:18:07	Name: IDSYNC Value: 18z8~21e6
.onaudience.com/	1970-01-20 07:16:41	Name: cookie Value: d2259ad2c8680abd
.onaudience.com/	1970-01-19 22:32:31	Name: done_redirects104 Value: 1
.casalemedia.com/	1970-01-20 00:40:41	Name: CMPRO Value: 1139
.casalemedia.com/	1970-01-19 22:32:31	Name: CMST Value: YYdtwWGHbcEA
.taptapnetworks.com/	1970-01-20 07:16:41	Name: SONATA_ID Value: csonata_d45ce1b0-2824-486c-b995-2ecaa788a913
.simpli.fi/	1970-01-20 07:18:07	Name: suid Value: 1E64C82940C34A29B2FC2A5F0529C9B4
.pubmatic.com/	1970-01-20 00:40:41	Name: KRTBCOOKIE_218 Value: 4056-YYdtvwAAAPWcHABG&KRTB&22978-YYdtvwAAAPWcHABG&KRTB&23194-YYdtvwAAAPWcHABG&KRTB&23209-YYdtvwAAAPWcHABG
.pubmatic.com/	1970-01-20 00:40:41	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 00:40:41	Name: KRTBCOOKIE_377 Value: 6810-fff4cddb-11c6-4cc3-85c5-fc39393ef461&KRTB&22918-fff4cddb-11c6-4cc3-85c5-fc39393ef461&KRTB&23031-fff4cddb-11c6-4cc3-85c5-fc39393ef461
.pubmatic.com/	1970-01-20 07:16:41	Name: KRTBCOOKIE_27 Value: 16735-uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&KRTB&16736-uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&KRTB&23019-uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59&KRTB&23114-uid:d6396187-6dc0-4d00-b8f5-5c15dec24d59
.pubmatic.com/	1970-01-19 23:14:17	Name: KRTBCOOKIE_1101 Value: 23040-7027706419234207891
.pubmatic.com/	1970-01-19 23:14:17	Name: KRTBCOOKIE_391 Value: 22924-8814327194925069517&KRTB&23263-8814327194925069517
.de17a.com/	1970-01-20 07:09:29	Name: guid2 Value: 1.8523215248887648817
.pubmatic.com/	1970-01-19 23:14:17	Name: SPugT Value: 1636265408
.pubmatic.com/	1970-01-20 00:40:41	Name: KRTBCOOKIE_466 Value: 16530-90c742e9-64af-48d8-a562-b6995f3af959
.pubmatic.com/	1970-01-20 00:40:41	Name: KRTBCOOKIE_153 Value: 19420-XPNm3lymPdhH8G3bXaZz3l6jZt1H8WeKD6OrcwX9&KRTB&22979-XPNm3lymPdhH8G3bXaZz3l6jZt1H8WeKD6OrcwX9
.pubmatic.com/	1970-01-19 23:14:17	Name: PugT Value: 1636265409
.pubmatic.com/	1970-01-20 00:40:41	Name: KRTBCOOKIE_57 Value: 22776-2562834129239918971
.pubmatic.com/	1970-01-20 00:40:41	Name: KRTBCOOKIE_80 Value: 22987-CAESENQaffW0tBGlztTUCbswZnI&KRTB&16514-CAESENQaffW0tBGlztTUCbswZnI&KRTB&23025-CAESENQaffW0tBGlztTUCbswZnI
.pubmatic.com/	1970-01-19 23:14:17	Name: KRTBCOOKIE_699 Value: 22727-AAHzek7DDtwAABVmqj89wA
.pubmatic.com/	1970-01-19 23:14:17	Name: KRTBCOOKIE_336 Value: 5844-8523215248887648817
.owneriq.net/	1970-01-20 16:02:17	Name: si Value: Q6895518092026246456
.owneriq.net/	1970-01-19 22:45:29	Name: p2 Value: cc
.crwdcntrl.net/	1970-01-20 04:59:53	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:59:53	Name: _cc_id Value: 33dd7a0f2b1ff7e709f9565a523d00c9
.crwdcntrl.net/	1970-01-20 04:59:53	Name: _cc_cc Value: "ACZ4XmNQMDZOSTFPNEgzSjJMSzNPNTewTLM0NTNNNDUyTjEwSLZkAILE9tyDIBoKAF4FCvo%3D"
.crwdcntrl.net/	1970-01-20 04:59:53	Name: _cc_aud Value: "ABR4XmNgYGBIbM89CKSgAAAZogIX"
.onaudience.com/	1970-01-19 22:32:31	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 07:16:41	Name: zc Value: 8d683280-0985-4c2b-69c1-3e880538f57f
.zeotap.com/	1970-01-19 22:32:31	Name: zsc Value: yZ%B2%CB%9F%ECV%C2U%B9%A3l%07t%13%0B%89+%60%C8%FC%17%2C%A2%F57%C8%A7%FD%C0%24%7D%3E%A3%2F%C5%3B%1E%16w%AA%06%07z%25_%DF%B4%80%AD%EAJ%1Bg%9E%DAbj%02%EA%9F%EC%D4%9B%CA%CEAEO%A2%B8%A1%CA%D3XB%A3m%CB%E3G0M
.eqads.com/	1970-01-20 00:43:34	Name: EQUser Value: UID=f2d8189b-6f2b-4256-82be-a52ae6b464a3
.casalemedia.com/	1970-01-20 07:16:41	Name: CMRUM3 Value: f161876dc105a0&2d61876dc105a0&2861876dc12760f2d8189b-6f2b-4256-82be-a52ae6b464a3&0361876dc12760d6396187-6dc0-4d00-b8f5-5c15dec24d59&2761876dc10b40&e661876dc12760&6961876dc105a00&1f61876dc105a00

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=6918425313689507291 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=6918425313689507291 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7b4cdf28213e21eb70c5cb89d45c8412.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad4m.at
adasia-d.openx.net
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
anymind360.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
aws-fr-sync.bidswitch.net
aws-fr.bidswitch.net
b1sync.zemanta.com
bidder.criteo.com
biddr.brealtime.com
c.bing.com
c1.adform.net
captrader-tracking.de
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
mytrackcdn.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
portal.blau.de
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prg.smartadserver.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.update.rubiconproject.com
s1.adform.net
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
tracking.my
triplelift-match.dotomi.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.tracking.my
x.bidswitch.net
104.111.239.217
104.111.242.53
104.17.120.107
116.203.138.1
13.248.245.213
142.250.186.130
151.101.130.49
151.101.193.108
169.50.137.182
172.217.18.98
178.250.0.163
178.250.0.165
178.250.2.146
18.195.106.43
18.203.131.238
18.213.10.151
18.66.97.105
18.66.97.9
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.131
185.86.139.59
198.47.127.20
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
209.54.178.82
213.155.156.185
213.19.147.43
23.37.38.181
23.37.42.132
2602:803:c004:200::143
2606:4700:10::6816:1857
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:3031::ac43:b7ba
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9c
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:13::1370
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::645
2a05:d018:d29:3601:df82:91d9:7297:1e70
3.120.56.129
3.123.176.85
3.124.87.92
3.126.56.137
3.70.38.61
35.156.135.60
35.156.230.193
35.244.159.8
35.244.174.68
37.157.2.239
37.157.4.29
37.157.6.235
37.252.172.45
46.236.13.147
46.4.62.19
51.210.112.236
51.255.68.171
52.215.101.139
52.221.161.67
52.223.40.198
52.30.14.23
52.49.53.128
52.51.235.245
63.32.190.233
64.202.112.31
66.155.71.25
69.173.144.139
69.173.144.165
82.113.101.132
82.113.101.236
84.200.5.215
85.114.159.93
88.99.63.132
00d5962088e4d97c530799acb0a1334f9c6850e06a8024127e128de9d29ed430
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
172ffcfd10c6b52351b1bd73a589257afccd68d98c35bf4a48ddf41dbd9d16eb
18628410e439562258d896f286d7c012443d37601596604cfab8149188c2bff0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1daaa628711a77f2fce7f9e90ee1e8851bd634765273077a031b6d5baa422361
1f27d8ccb531e92edf5961dacec68583cec16fe366ff6d1901436684777fa21f
1f6ece41c2e21f5c8ade5dad3a40792aa6cd44b6caac6308191f25bdb771e41b
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23c05630a396acf82a928fab46a79b860312fefa228b658b38ec3d381ce2f3ef
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2e796f5a3756845fec57a89986b1df7a47665f02a625ba971520c7147e530a32
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
33b242e8a9ac0bb19f4b7be20f28365a20504d3682fc49d50210f8bb3cf842b9
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa1c81f826a2205885a0f081125cc21d6afa924e181d4a1731ad82a14d3404e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c386e4df5a83488efb75ca6999b9251ba851e0c5d03a557a92ef41942203132
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e24cb6edc11fc5b5194bf012d90af6d43210bfdf91e4c7c8e50e082a51a28ea
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57b354cc463cf655d7d5fd9b893fd386a4034f18efa57ab9874a3ba020a01ec1
59995efb225a01ffe141e7ba7cacaee28b3b0497ab5a630d5f3ac70309d07a75
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
624ed4ddc2be730db955a9f11b5b50e890813baa337be31ea1beb127a7baef95
645f49314238c929270c8fc3ef37790492def429d465602feccf3d17ee2372ab
6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0
67fe4b0dae0f7dfc727322e3a4d1634c8cd82f0e771aff72d84680bc0beadc19
684a31ea5c10e66e1393a0d21584529f2c779990a7e574842832815a1c017d8b
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
70d9b6a6c8d8922954427d62dd505bebeed6d2e653a10ce1058b77629669451b
72beb0dd878e65b76fcc6b1307c8dcd635b2407d93c746542ba145c3aae02a88
78b6023c0810f79ccdcd008f17939408f6f550dd21f0262e0cd3b00415f3ed90
7a0f7f1e24dcb8a1f570893b0ee237ab73b5a71331396d82fac7c315f2e4f826
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f84c2298e6cf293ef60dfae9d4ddee5ee880f623b41582b24b1ffa36fbab41
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
873f4c6584487819caa69177acbfc984416914d2ddd4a0b42b6fafcd38feb7a8
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f959f8157807546f0392196a122486a80b8a3aa0fd658e7343a0bdbb0b3b64c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9afe919ee188c99daf62b211b7017ffd2386fbdb64e891778ffa07273f28d9e6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b268c08438e3189357c6c08c859a3c3db757c62563e3450adbd4cdf3dc0d8d7b
b508811af051bfcdced61bffd5d030c7b4af08b9dfa72b24e17cc36d07cde3e5
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bab72d9ab40151420be2a340ede127ffc5678e4160c52885bb79b105ea9b6e01
baf73c5430b3bb108310cf94cddaa4a7767f249dda9d583e1fdb601189f7bc0e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc907e28b23f56d9ad489ebd894903e889d227bc308bbdd96e4d42dd4f0051af
bce9efc2624c8f27fa5c8860f250061943947a637a3b350a3d6944e1fec8cd5a
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4134112f6648b0370d75f8c6c707211d92751137a793965e7f26d434a80a53a
c609b225eef69b2ff680336880854ea20d8e4b5dc2446a65059db302abbe4f41
c63c3efec234f7b0c788d596222a07f6e677adbcb748246b41b982006690c33e
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c7d82f43b3bb2fee7880b0ec3e6284951361c504f4ccf004688fed2aff36bab6
c93ad0cd6f284499dfeb36de7eef3072032443bf698b5b66e18f954bf7c4dba8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc91c67f997cde853a038f64f4a7aa7023b122f17f6429865e51a389b4a4e4f4
cd6671992c42d14ba7e3fc8e3488c3f7fb8e081f90a71458ae3b3c56fab8f8f1
cdead1dcc06911463009bc6337cc709e1dea8dde0c8474c01d7df99f2d5c086a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dd9a37648810601272a820080ad8635648370754d391f27cc275f9bb4151b362
df854f0e3738eb9fea50c9dfa4ecaa55f7aebc7520762dce4948df01b4f8fefb
e091006afa2f195b71d9badc8e11f8bdb9ce3b4022648aa050a39def41b02b7e
e0adbc5137537b59d228da1f91a4de599bd84112cf6bb98074e8416b99c6e7f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e64c870fac1b5b672d9d802aa7239b9f341b777225f44cd836c32a63f1c01ce4
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea3752b1e50ae383ababb6da6c0c8a55f1137dd7ddf9e9034b3673e76a14a9d9
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
ebfbda746093df84be08f2b887d843eb096d7366c66015e2c74aa788ecfcdc7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f470a398324e7844b964be34eb869a0fcf78bb50bbb8105716ff93f0972f4583
f4e8826532496c198394709ce716b6bed81d00d64972ed702de16a02648e0d57
f68eb9fcad8523ae33ce6f1e0d7349b6665cd18ad99eb0ebb5b0e60ccd6fce19
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
faf52cb0d020adf5e7eebbe6c7f449b3c767e00aad8ed624f7048873b96c2085
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fef7089c09ddb771b308a24d87b6aa0a5696d3f0ff68a148004d5cf43ce33b88

www.tracking.my Open in urlscan Pro 52.221.161.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

214 Requests

75 %HTTPS

29 %IPv6

65 Domains

105 Subdomains

73 IPs

10 Countries

2369 kBTransfer

4932 kBSize

102 Cookies

0 Outgoing links

Page URL History

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tracking.my Open in urlscan Pro
52.221.161.67 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

75 %
HTTPS

29 %
IPv6

65
Domains

105
Subdomains

73
IPs

10
Countries

2369 kB
Transfer

4932 kB
Size

102
Cookies

214 HTTP transactions
2 data transactions